245 matches found
CVE-2019-16707
Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx...
Design/Logic Flaw
Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx...
UBUNTU-CVE-2019-16707
Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx...
CVE-2019-16707
Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx...
CVE-2019-16707
Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx...
CVE-2019-16707
CVE-2019-16707 affects Hunspell 1.7.0, with an invalid/out-of-bounds read in SuggestMgr::leftcommonsubstring (suggestmgr.cxx). Connected advisories confirm this vulnerability in Hunspell and show concrete remediation paths: various Linux distros advise updating Hunspell to patched releases (e.g.,...
CVE-2019-16707
Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx...
CVE-2019-16707
Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx...
PT-2019-5840
Name of the Vulnerable Software and Affected Versions Hunspell version 1.7.0 Description The issue is related to an invalid read operation in the SuggestMgr::leftcommonsubstring function of the suggestmgr.cxx component. This is a buffer overflow vulnerability that can be exploited by a remote...
Updated firefox packages fix security vulnerability
Firefox 60 is now the only supported version of the ESR series and it brings a completely new browser engine, designed to take full advantage of the processing power in modern devices. Firefox also now exclusively supports extensions built using the WebExtension API. This update brings Firefox...
Debian LTS: Security Advisory for hunspell-en-us (DLA-903-1)
The dictionary provided by this package had an unnecessary unversioned conflict against the thunderbird package which recently got reintroduced into Wheezy. This VT has been deprecated as it doesn SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a reference...
Debian DLA-903-1 : hunspell-en-us update
The dictionary provided by this package had an unnecessary unversioned conflict against the thunderbird package which recently got reintroduced into Wheezy. For Debian 7 'Wheezy', this problem has been fixed in version 20070829-6+deb7u1. We recommend that you upgrade your hunspell-en-us packages...
[SECURITY] [DLA 903-1] hunspell-en-us update
Package : hunspell-en-us Version : 20070829-6+deb7u1 The dictionary provided by this package had an unnecessary unversioned conflict against the thunderbird package which recently got reintroduced into Wheezy. For Debian 7 "Wheezy", this problem has been fixed in version 20070829-6+deb7u1. We...
DLA-903-1 hunspell-en-us - update
Bulletin has no description...
chromium-browser: Spell checking dictionaries fetched over HTTP in unspecified
The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file, a related...
Google Chrome Spellcheck API Man-in-the-Middle Attack Vulnerability
Google Chrome is a web browser developed by the American company Google Google. A security vulnerability exists in the implementation of the Spellcheck API in versions of Google Chrome prior to 44.0.2403.89, which stems from the program failing to download the Hunspell directory using an HTTPS...
CVE-2015-1288
The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file, a related...
CVE-2015-1288
The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file, a related...
UBUNTU-CVE-2015-1288
The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file, a related...
CVE-2015-1288
The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file, a related...