Lucene search
K

701 matches found

NVD
NVD
added 6 days ago9 views

CVE-2025-58146

There are multiple issues. 1. Updates to the XAPI database sanitise input strings, but try generating the notification using the unsanitised input. This causes the database's event thread to terminate and cease further processing. 2. XAPI's UTF-8 encoder implements v3.0 of the Unicode spec, but...

9.4CVSS0.00137EPSS
Exploits0References3
Cvelist
Cvelist
added 6 days ago33 views

CVE-2025-58146 XAPI UTF-8 string handling

There are multiple issues. 1. Updates to the XAPI database sanitise input strings, but try generating the notification using the unsanitised input. This causes the database's event thread to terminate and cease further processing. 2. XAPI's UTF-8 encoder implements v3.0 of the Unicode spec, but...

9.4CVSS0.00137EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 6 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-14650

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in connorskees grass up to 0.13.4. The affected element is the function grasscompiler::rawtoparseerror of the component UTF-8 Character...

4.8CVSS5.7AI score0.00116EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/07/07 3:16 p.m.8 views

SUSE CVE-2026-42327

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce th...

7.5CVSS6AI score0.00211EPSS
Exploits0References9
EUVD
EUVD
added 2026/07/06 7:53 p.m.6 views

EUVD-2026-25022

ln: rejects non-UTF-8 source filenames in target-directory mode...

5.5CVSS5.9AI score0.00121EPSS
Exploits1References3
EUVD
EUVD
added 2026/07/06 7:51 p.m.7 views

EUVD-2026-24978

comm: lossy UTF-8 conversion silently corrupts non-UTF-8 output...

3.3CVSS5.9AI score0.00176EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/07/06 6:47 a.m.6 views

CVE-2026-14650

A flaw was found in Grass. A local attacker could exploit a vulnerability in the UTF-8 Character Handler, specifically within the grasscompiler::rawtoparseerror function, by executing a manipulation. This could lead to a denial of service, making the system or application unavailable to legitimat...

4.8CVSS5.8AI score0.00116EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.10 views

PT-2026-55934

Name of the Vulnerable Software and Affected Versions ModSecurity versions 3.0.0 through 3.0.15 Description The t:utf8toUnicode transformation in src/actions/transformations/utf8 to unicode.cc produces incorrect output on i386 architecture. This occurs because the snprintf function uses sizeof on...

5.8CVSS6.1AI score0.00438EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/07/04 8:0 p.m.29 views

CVE-2026-14650 connorskees grass UTF-8 Character raw_to_parse_error denial of service

A flaw has been found in connorskees grass up to 0.13.4. The affected element is the function grasscompiler::rawtoparseerror of the component UTF-8 Character Handler. Executing a manipulation can lead to denial of service. The attack is restricted to local execution. The exploit has been publishe...

4.8CVSS0.00116EPSS
Exploits0References6
CVE
CVE
added 2026/07/04 8:0 p.m.15 views

CVE-2026-14650

Technical details about CVE-2026-14650 are not publicly available in the provided documents. Monitor for updates.

4.8CVSS5.5AI score0.00116EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/04 8:0 p.m.10 views

EUVD-2026-41694

A flaw has been found in connorskees grass up to 0.13.4. The affected element is the function grasscompiler::rawtoparseerror of the component UTF-8 Character Handler. Executing a manipulation can lead to denial of service. The attack is restricted to local execution. The exploit has been publishe...

4.8CVSS5.5AI score0.00116EPSS
Exploits0References6
OSV
OSV
added 2026/07/04 8:0 p.m.3 views

CVE-2026-14650 connorskees grass UTF-8 Character raw_to_parse_error denial of service

A flaw has been found in connorskees grass up to 0.13.4. The affected element is the function grasscompiler::rawtoparseerror of the component UTF-8 Character Handler. Executing a manipulation can lead to denial of service. The attack is restricted to local execution. The exploit has been publishe...

4.8CVSS5.4AI score0.00116EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.8 views

PT-2026-55729

Name of the Vulnerable Software and Affected Versions connorskees grass versions prior to 0.13.5 Description A flaw in the UTF-8 Character Handler component allows local execution of a manipulation that can lead to a denial of service. The issue resides in the grass compiler::raw to parse error...

4.8CVSS6AI score0.00116EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/07/01 2:8 p.m.8 views

CVE-2026-57455

A memory corruption flaw in Vim allows an attacker to cause a Denial of Service DoS. When a SOFO-based spell language is active, providing an excessively long word to the spell checker triggers a stack out-of-bounds write in the spellsoundfoldsofo function, causing the editor to crash. Mitigation...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/30 12:57 p.m.7 views

EUVD-2026-40314

A flaw was found in GLib. A buffer over-read can occur in the gregexreplace function when used with the GREGEXRAW compile flag and case-change replacement escapes because the stringappend function processes matched substrings using UTF-8 functions that assume valid UTF-8 input, even when the stri...

6.5CVSS5.9AI score0.00322EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2026/06/30 12:57 p.m.7 views

CVE-2026-58012

A flaw was found in GLib. A buffer over-read can occur in the gregexreplace function when used with the GREGEXRAW compile flag and case-change replacement escapes because the stringappend function processes matched substrings using UTF-8 functions that assume valid UTF-8 input, even when the stri...

8.2CVSS5.9AI score0.00322EPSS
Exploits1References3
OSV
OSV
added 2026/06/26 12:32 p.m.2 views

SUSE-SU-2026:0906-2 Security update for clamav

This update for clamav fixes the following issues: Update to clamav 1.5.2: Security issue: - CVE-2026-20031: improper error handling in the HTML CSS module when splitting UTF-8 strings can lead to denial of service conditions via a crafted HTML file bsc1259207. Non security issue: - Support...

5.3CVSS5.8AI score0.00414EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/24 6:32 p.m.8 views

EUVD-2026-38891

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: terminate the cached volume label after UTF-8 conversion ntfsfillsuper loads the on-disk volume label with utf16stoutf8s and stores the result in sbi-volume.label. The converted label is later exposed through...

5.7AI score0.00172EPSS
Exploits0References8
NVD
NVD
added 2026/06/24 5:17 p.m.6 views

CVE-2026-53023

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: terminate the cached volume label after UTF-8 conversion ntfsfillsuper loads the on-disk volume label with utf16stoutf8s and stores the result in sbi-volume.label. The converted label is later exposed through...

0.00172EPSS
Exploits0References7
OSV
OSV
added 2026/06/24 4:29 p.m.4 views

CVE-2026-53023 fs/ntfs3: terminate the cached volume label after UTF-8 conversion

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: terminate the cached volume label after UTF-8 conversion ntfsfillsuper loads the on-disk volume label with utf16stoutf8s and stores the result in sbi-volume.label. The converted label is later exposed through...

5.8AI score0.00172EPSS
Exploits0References10
Rows per page
Query Builder