CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

52 matches found

Cvelist•added 2019/11/13 1:55 p.m.•14 views

CVE-2019-18397

A buffer overflow in the fribidigetparembeddinglevelsex function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then rendered by an application...

8.2AI score0.00682EPSS

Exploits0References10

UbuntuCve•added 2019/11/07 5:0 p.m.•16 views

CVE-2019-18397

7.8CVSS7.6AI score0.00682EPSS

Exploits0References2

RedhatCVE•added 2019/10/07 2:2 p.m.•34 views

CVE-2017-5447

An out-of-bounds read during the processing of glyph widths during text layout. This results in a potentially exploitable crash and could allow an attacker to read otherwise inaccessible memory. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

6.4CVSS4AI score0.10983EPSS

Exploits4References2

Fedora•added 2019/08/31 1:39 a.m.•19 views

[SECURITY] Fedora 29 Update: pango-1.42.4-3.fc29

Pango is a library for laying out and rendering of text, with an emphasis on internationalization. Pango can be used anywhere that text layout is nee ded, though most of the work on Pango so far has been done in the context of the GTK+ widget toolkit. Pango forms the core of text and font handlin...

9.8CVSS0.8AI score0.09766EPSS

Exploits1

Fedora•added 2019/08/21 1:5 a.m.•31 views

[SECURITY] Fedora 30 Update: pango-1.43.0-4.fc30

9.8CVSS0.8AI score0.09766EPSS

Exploits1

OpenVAS•added 2019/08/21 12:0 a.m.•20 views

Fedora Update for pango FEDORA-2019-547be4a683

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.6AI score0.09766EPSS

Exploits1References2

Veracode•added 2019/05/02 6:10 a.m.•19 views

Out-Of-Bounds Read

Thunderbird, Firefox ESR, and Firefox are vulnerable to out-of-bounds read. Improper processing of glyph widths during text layout could allow an attacker to read otherwise inaccessible memory and cause an application crash...

9.1CVSS9AI score0.10983EPSS

Exploits7References18Affected Software2

Fedora•added 2018/09/13 5:7 p.m.•29 views

[SECURITY] Fedora 27 Update: pango-1.40.14-3.fc27

6.5CVSS0.8AI score0.05613EPSS

Exploits5

OSV•added 2018/06/11 9:29 p.m.•1 views

DEBIAN-CVE-2017-5447

9.1CVSS8.8AI score0.10983EPSS

Exploits4References1

Prion•added 2018/06/11 9:29 p.m.•15 views

Design/Logic Flaw

6.4CVSS8.7AI score0.10983EPSS

Exploits4References12Affected Software10

Debian CVE•added 2018/06/11 9:0 p.m.•32 views

CVE-2017-5447

9.1CVSS9.7AI score0.10983EPSS

Exploits4

CVE•added 2018/06/11 9:0 p.m.•189 views

CVE-2017-5447

CVE-2017-5447 is an out-of-bounds read in glyph widths processing during text layout that can cause a crash and potentially expose memory. Affected products include Mozilla Thunderbird (<52.1) and Mozilla Firefox/Firefox ESR (ESR <52.1; Firefox

9.1CVSS7.9AI score0.10983EPSS

Exploits4References12Affected Software1

Cvelist•added 2018/06/11 9:0 p.m.•20 views

CVE-2017-5447

8.1AI score0.10983EPSS

Exploits4References12

OSV•added 2017/04/20 12:0 a.m.•0 views

UBUNTU-CVE-2017-5447

9.1CVSS7.3AI score0.10983EPSS

Exploits4References5

OpenVAS•added 2014/10/20 12:0 a.m.•64 views

Mozilla Thunderbird Multiple Vulnerabilities-01 (Oct 2014) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

7.5CVSS9.6AI score0.04667EPSS

Exploits0References12

OpenVAS•added 2014/10/20 12:0 a.m.•30 views

Mozilla Thunderbird Multiple Vulnerabilities-01 (Oct 2014) - Windows

7.5CVSS9.6AI score0.04667EPSS

Exploits0References12

OSV•added 2014/10/15 2:27 p.m.•3 views

USN-2373-1 thunderbird vulnerabilities

Bobby Holley, Christian Holler, David Bolter, Byron Campen and Jon Coppeard discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service vi...

7.5CVSS7.4AI score0.04667EPSS

Exploits0References8

Ubuntu•added 2014/10/14 5:22 p.m.•58 views

USN-2372-1: Firefox vulnerabilities

Bobby Holley, Christian Holler, David Bolter, Byron Campen, Jon Coppeard, Carsten Book, Martijn Wargers, Shih-Chiang Chien, Terrence Cole and Jeff Walden discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could...

7.5CVSS8.5AI score0.04667EPSS

Exploits1

Tenable Nessus•added 2014/09/12 12:0 a.m.•38 views

Ubuntu 14.04 LTS : Thunderbird vulnerabilities (USN-2330-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2330-1 advisory. Jan de Mooij, Christian Holler, Karl Tomlinson, Randell Jesup, Gary Kwong, Jesse Ruderman and JW Wang discovered multiple memory safety issues in...

10CVSS8.1AI score0.13912EPSS

Exploits1References7

Ubuntu•added 2014/09/11 10:31 p.m.•56 views

USN-2330-1: Thunderbird vulnerabilities

Jan de Mooij, Christian Holler, Karl Tomlinson, Randell Jesup, Gary Kwong, Jesse Ruderman and JW Wang discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to...

10CVSS8.1AI score0.13912EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by