11953 matches found
AZL-74790 CVE-2025-15536 affecting package opencc 1.1.1-3
A weakness has been identified in BYVoid OpenCC up to 1.1.9. This vulnerability affects the function opencc::MaxMatchSegmentation of the file src/MaxMatchSegmentation.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been made...
CVE-2025-15536
A weakness has been identified in BYVoid OpenCC up to 1.1.9. This vulnerability affects the function opencc::MaxMatchSegmentation of the file src/MaxMatchSegmentation.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been made...
DEBIAN-CVE-2025-15536
A weakness has been identified in BYVoid OpenCC up to 1.1.9. This vulnerability affects the function opencc::MaxMatchSegmentation of the file src/MaxMatchSegmentation.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been made...
CVE-2025-15536 BYVoid OpenCC MaxMatchSegmentation.cpp MaxMatchSegmentation heap-based overflow
A weakness has been identified in BYVoid OpenCC up to 1.1.9. This vulnerability affects the function opencc::MaxMatchSegmentation of the file src/MaxMatchSegmentation.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been made...
CVE-2025-15536 BYVoid OpenCC MaxMatchSegmentation.cpp MaxMatchSegmentation heap-based overflow
A weakness has been identified in BYVoid OpenCC up to 1.1.9. This vulnerability affects the function opencc::MaxMatchSegmentation of the file src/MaxMatchSegmentation.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been made...
CVE-2025-15536
CVE-2025-15536 concerns BYVoid OpenCC up to version 1.1.9. The vulnerability affects the function opencc::MaxMatchSegmentation in src/MaxMatchSegmentation.cpp, causing a heap-based buffer overflow. The attack is local and public exploit is available. Publicly documented fixes reference a patch id...
CVE-2025-15536
A weakness has been identified in BYVoid OpenCC up to 1.1.9. This vulnerability affects the function opencc::MaxMatchSegmentation of the file src/MaxMatchSegmentation.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been made...
Open Chinese Convert security vulnerability
Open Chinese Convert is a conversion software for traditional Chinese and Simplified Chinese developed by Carbo Kuo. Versions of BYVoid OpenCC 1.1.9 and earlier contained security vulnerabilities. These vulnerabilities stemmed from a heap buffer overflow in the opencc::MaxMatchSegmentation functi...
MiracleLinux 7 : firefox-60.1.0-5.0.1.el7 (AXSA:2018-3259:05)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2018-3259:05 advisory. Mozilla: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Firefox ESR 52.9 CVE-2018-5188 Mozilla: Buffer overflow using computed size o...
MiracleLinux 7 : [security - medium] qt5 (AXSA:2019-4200:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4200:01 advisory. qt5-qtbase: Double free in QXmlStreamReader CVE-2018-15518 qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service...
MiracleLinux 7 : nss-softokn-3.44.0-8.el7, nss-util-3.44.0-4.el7, nss-3.44.0-7.el7 (AXSA:2019-4421:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4421:01 advisory. nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSCEncryptUpdate CVE-2019-11745 nss: Empty or malformed...
MiracleLinux 7 : elfutils-0.176-2.el7 (AXSA:2019-3992:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3992:02 advisory. elfutils: Heap-based buffer over-read in libdw/dwarfgetaranges.c:dwarfgetaranges via crafted file CVE-2018-16062 elfutils: Double-free due to double...
MiracleLinux 4 : httpd-2.2.15-60.4.0.1.AXS4 (AXSA:2017-1742:03)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1742:03 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2016-8743 RESERVED This candidate ha...
MiracleLinux 3 : ruby-1.8.5-27.AXS3 (AXSA:2013-43:01)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-43:01 advisory. Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system...
CVE-2026-0990
A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a...
UBUNTU-CVE-2026-0990
A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a...
CVE-2026-0976 Org.keycloak/keycloak-quarkus-server: keycloak: proxy bypass due to improper handling of matrix parameters in url paths
A flaw was found in Keycloak. This improper input validation vulnerability occurs because Keycloak accepts RFC-compliant matrix parameters in URL path segments, while common reverse proxy configurations may ignore or mishandle them. A remote attacker can craft requests to mask path segments,...
CVE-2026-22693
A null pointer dereference vector has been discovered in the harfbuzz package. A null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh:1672-1673. The function fails to check if hbmalloc returns NULL before using placement ne...
SUSE CVE-2026-22693
HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hbmalloc returns NULL before using placement new to construct an object at t...
MiracleLinux 7 : poppler-0.26.5-43.1.0.2.el7.AXS7 (AXSA:2025-11446:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11446:01 advisory. CVE-2025-32365: fix segmentation fault due to an invalid memory read, occurring in JBIG2Bitmap::combine CVEs: CVE-2025-32365 Poppler before 25.04.0 allows...