53 matches found
User Interface (UI) Misrepresentation of Critical Information
Overview symfony/html-sanitizer is a Provides an object-oriented API to sanitize untrusted HTML input for safe insertion into a document's DOM. Affected versions of this package are vulnerable to User Interface UI Misrepresentation of Critical Information via UrlSanitizer::parse in the...
Astra Linux - уязвимость в rustc
A issue was discovered in the Bidirectional Algorithm in the Unicode Specification through version 14.0. This algorithm allows for the visual reordering of characters through control sequences, which can be used to create source code that implements logic different from the logical order of token...
Unity Linux 20.1060e / 20.1070e Security Update: binutils (UTSA-2026-017420)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017420 advisory. An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequence...
CLSA-2026-1777456424 gcc: Fix of CVE-2021-42574
CVE-2021-42574: add -Wbidi-chars warning for Unicode bidirectional text...
`unic` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icu - idna - unicode-bidi...
RUSTSEC-2025-0095 `unic` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icu - idna - unicode-bidi...
EUVD-2010-2652
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-42574
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control...
Linux Distros Unpatched Vulnerability : CVE-2014-8147
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode ICU...
Linux Distros Unpatched Vulnerability : CVE-2014-8146
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode ICU...
Rocky Linux 8 : gcc-toolset-11-gcc (RLSA-2021:4586)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4586 advisory. - DISPUTED An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via...
Rocky Linux 8 : gcc-toolset-11-annobin (RLSA-2021:4591)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4591 advisory. - DISPUTED An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via...
SUSE CVE-2014-8146
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode ICU before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service...
EulerOS Virtualization 3.0.2.6 : binutils (EulerOS-SA-2023-1092)
According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reorderi...
EulerOS Virtualization 3.0.6.6 : binutils (EulerOS-SA-2022-2487)
According to the versions of the binutils packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - DISPUTED An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visua...
JetBrains IntelliJ IDEA 安全漏洞
JetBrains IntelliJ IDEA is a suite of integrated development environments for the Java language from Czech company Jetbrains. security vulnerability exists in versions of JetBrains IntelliJ IDEA prior to 2022.1, which stems from an insufficient notification mechanism for using Unicode...
OESA-2022-1501 binutils security update
The GNU Binutils are a collection of binary tools. The main ones are: ld - the GNU linker. as - the GNU assembler. addr2line - Converts addresses into filenames and line numbers. ar - A utility for creating, modifying and extracting from archives. c++filt - Filter to demangle encoded C++ symbols...
environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks
A flaw was found in the way Unicode standards are implemented in the context of development environments, which have specialized requirements for rendering text. An attacker could exploit this to deceive a human reviewer by creating a malicious patch containing well placed BiDi characters. The...
environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks
A flaw was found in the way Unicode standards are implemented in the context of development environments, which have specialized requirements for rendering text. An attacker could exploit this to deceive a human reviewer by creating a malicious patch containing well placed BiDi characters. The...
environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks
A flaw was found in the way Unicode standards are implemented in the context of development environments, which have specialized requirements for rendering text. An attacker could exploit this to deceive a human reviewer by creating a malicious patch containing well placed BiDi characters. The...