82 matches found
CVE-2025-46646
In Artifex Ghostscript before 10.05.0, decode_utf8 in base/gp_utf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954...
PT-2025-17960
Name of the Vulnerable Software and Affected Versions: Artifex Ghostscript versions prior to 10.05.0 Description: The issue is related to the mishandling of overlong UTF-8 encoding in the decode_utf8 function in base/gp_utf8.c. This problem exists due to an incomplete fix for a previous issue...
CVE-2024-46954
A flaw was found in Ghostscript/base/gp_utf8.c. This vulnerability allows directory traversal via overlong UTF-8 encoding, potentially leading to unauthorized access to filesystem directories...
CVE-2024-46954
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal...
CVE-2024-46954
Ghostscript before 10.05.0 is affected by decode_utf8() in base/gp_utf8.c mishandling of overlong UTF-8 encoding, enabling a potential directory traversal (CVE-2024-46954). Connected advisories corroborate the issue exists across multiple Linux distributions and note the fix requires upgrading Gh...
CVE-2024-45293
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. The security scanner responsible for preventing XXE attacks in the XLSX reader can be bypassed by slightly modifying the XML structure, utilizing white-spaces. On servers that allow users to upload their own Excel XLS...
PT-2024-32297 · Artifex +6 · Artifex Ghostscript +6
Name of the Vulnerable Software and Affected Versions: Artifex Ghostscript versions prior to 10.04.0 Description: An issue was discovered in the decode_utf8 function in base/gp_utf8.c of Artifex Ghostscript. This issue is related to overlong UTF-8 encoding, which can lead to possible ../ director...
Path Traversal in TYPO3 Core
Due to a too loose type check in an API method, attackers could bypass the directory traversal check by providing an invalid UTF-8 encoding sequence...
OSV-2023-1338 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65230 Crash type: Security exception Crash state: com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr java.base/sun.nio.cs.UTF8.updatePositions java.base/sun.nio.cs.UTF8$Encoder.encodeArrayLoop...
MGASA-2022-0183 Updated xmlrpc-c packages fix security vulnerability
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. CVE-2022-25235...
Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple
CVE-2019-9053 CVE-2019-9053 Exploit for Python 3 Last tested...
Validation Bypass
Mozilla Firefox is vulnerable to validation bypass. It does not properly handle overlong UTF-8 encoding, which makes it easier for remote attackers to bypass cross-site scripting (XSS) protection mechanisms via a crafted string, a different vulnerability than CVE-2010-1210...
CVE-2020-36317
In the standard library in Rust before 1.49.0, String::retain function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the sa...
Eclipse OpenJ9 Buffer Overflow Vulnerability (CNVD-2021-08893)
Eclipse OpenJ9 is a Java application engine from the Eclipse Foundation. The product is primarily used to run Java applications. A buffer overflow vulnerability exists in Eclipse OpenJ9 versions prior to 0.23, which stems from a stack-based buffer overflow that can occur when the virtual machine ...