17 matches found

Snyk
added 2026/05/15 5:9 p.m. | 5 views

Improper Handling of Case Sensitivity

Overview: Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity through improper handling of Unicode characters in the splitPos function. An attacker can execute arbitrary code by uploading a file with a specially crafted name containing non-ASCII bytes or Unico...

CVSS 9.2 | AI score 6.2
Exploits: 0 | References: 3

AstraLinux
added 2026/05/20 5:53 a.m. | 1 view

Astra Linux - vulnerability in unzip

A flaw was discovered in unzip. The vulnerability arises from improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to submit a specially crafted zip file, resulting in a crash or code execution...

CVSS 3.3 | AI score 6.5 | EPSS 0.00195
Exploits: 1 | References: 2

RedhatCVE
added 2026/04/13 7:25 p.m. | 3 views

CVE-2026-4114

Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication...

CVSS 6.6 | AI score 5.8 | EPSS 0.00039
Exploits: 0 | References: 1

Tenable Nessus
added 2026/04/10 12:0 a.m. | 24 views

SonicWall SMA 1000 Series <= 12.4.3-03245 / 12.5.x <= 12.5.0-02283 Multiple Vulnerabilities (SNWLID-2026-0003)

The remote host is a SonicWall SMA 1000 Series device that is affected by multiple vulnerabilities: - A privilege escalation vulnerability due to improper neutralization of special elements used in an SQL command. A remote authenticated attacker with read-only administrator privileges can escalat...

CVSS 7.2 | AI score 7.3 | EPSS 0.00161
Exploits: 0 | References: 5

EUVD
added 2026/04/09 3:35 p.m. | 4 views

EUVD-2026-20906

Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication...

AI score 7.1 | EPSS 0.00039
Exploits: 0 | References: 2

CVE
added 2026/04/09 2:27 p.m. | 13 views

CVE-2026-4116

SonicWall SMA1000 series appliances are affected by CVE-2026-4116 (Unicode encoding handling) that allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication. The issue is part of a set of vulnerabilities disclosed by SonicWall (SNWLID-2026-0003). Affected de...

CVSS 7.2 | AI score 7.1 | EPSS 0.00161
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2026/04/09 2:27 p.m. | 18 views

CVE-2026-4116

Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication...

EPSS 0.00161
Exploits: 0 | References: 1

CVE
added 2026/04/09 2:25 p.m. | 7 views

CVE-2026-4114

The CVE-2026-4114 issue affects SonicWall SMA1000 series appliances and is caused by improper handling of Unicode encoding, enabling a remote authenticated SSLVPN admin to bypass AMC TOTP authentication. The Red Hat, NVD, and Nessus entries corroborate this vulnerability, and SonicWall PSIRT SNWL...

CVSS 6.6 | AI score 7.1 | EPSS 0.00039
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2026/04/09 2:25 p.m. | 18 views

CVE-2026-4114

Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication...

EPSS 0.00039
Exploits: 0 | References: 1

ATTACKERKB
added 2026/04/09 2:25 p.m. | 3 views

CVE-2026-4114

Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication...

AI score 7.1 | EPSS 0.00039
Exploits: 0 | References: 2

CNNVD
added 2026/04/09 12:0 a.m. | 5 views

SonicWALL SMA1000 Security Vulnerability

SonicWALL SMA1000 is a series of security mobile access solutions developed by the American company SonicWALL. It simplifies end-to-end secure remote access for enterprise resources hosted across local, cloud, and hybrid data centers. There is a security vulnerability in SonicWall SMA1000, which...

CVSS 6.6 | AI score 7.1 | EPSS 0.00039
Exploits: 0 | References: 1

OSV
added 2026/02/24 5:29 p.m. | 1 view

UBUNTU-CVE-2026-27590

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's FastCGI path splitting logic computes the split index on a lowercased copy of the request path and then uses that byte index to slice the original path. This is unsafe for Unicode because...

CVSS 9.8 | AI score 7.5 | EPSS 0.00245
Exploits: 1 | References: 5

CNNVD
added 2026/02/12 12:0 a.m. | 2 views

FrankenPHP Security Vulnerability

FrankenPHP is an open-source PHP application server developed by phpnet. Versions of FrankenPHP prior to 1.11.2 contained security vulnerabilities. These vulnerabilities stemmed from improper case conversion during CGI path segmentation when handling Unicode characters, which could lead to the...

CVSS 9.8 | AI score 5.9 | EPSS 0.00029
Exploits: 1 | References: 4

Snyk
added 2026/02/09 7:56 p.m. | 1 view

Improper Handling of Unicode Encoding

Overview: litestar is a Litestar - A production-ready, highly performant, extensible ASGI API Framework. Affected versions of this package are vulnerable to Improper Handling of Unicode Encoding via the safefilename in the stores/file.py. An attacker can cause cached responses for one URL to be...

CVSS 6.9 | AI score 5.6 | EPSS 0.00021
Exploits: 1 | References: 2

OSV
added 2022/08/24 4:15 p.m. | 1 view

UBUNTU-CVE-2021-4217

A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution...

CVSS 3.3 | AI score 6.3 | EPSS 0.00195
Exploits: 1 | References: 4

CNNVD
added 2022/08/24 12:0 a.m. | 1 view

Info-ZIP UnZip Code Issue Vulnerability

Info-ZIP UnZip is a set of tools for decompressing the ".zip" file format on the Unix platform by Greg Roelofs, an individual developer in the United States. A security vulnerability exists in Info-ZIP UnZip, which stems from the mishandling of Unicode strings, which could allow an attacker to...

CVSS 3.3 | AI score 5.9 | EPSS 0.00195
Exploits: 1 | References: 7

CNVD
added 2017/03/20 12:0 a.m. | 1 view

Microsoft Windows Uniscribe Information Disclosure Vulnerability (CNVD-2017-03757)

Microsoft Uniscribe is a component of the Windows operating system developed by Microsoft Corporation for the correct presentation of Unicode characters. An information disclosure vulnerability exists in Microsoft Uniscribe's handling of in-memory objects, which allows remote attackers to exploit...

CVSS 4.3 | AI score 6.2 | EPSS 0.09704
Exploits: 2 | References: 1