712 matches found
JLSEC-2026-773
The bsonvalidate function may return early on specific inputs and incorrectly report success. This behavior could result in skipping validation for BSON data, allowing malformed or invalid UTF-8 sequences to bypass validation and be processed incorrectly. The issue may affect applications that re...
RLSA-2026:39547 Important: perl-XML-LibXML security update
This module implements a Perl interface to the GNOME libxml2 library which provides interfaces for parsing and manipulating XML files. This module allows Perl programmers to make use of the highly capable validating XML parser and the high performance DOM implementation. Security Fixes:...
perl-XML-LibXML security update
An update is available for perl-XML-LibXML. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list This module implements a Perl interface to the GNOME libxml2 library...
perl-XML-LibXML: XML::LibXML: Denial of Service via truncated UTF-8 in XML node names
A flaw was found in XML::LibXML for Perl. A remote attacker could exploit this vulnerability when processing specially crafted XML node names containing incomplete UTF-8 character sequences. This can lead to an out-of-bounds read in heap memory, potentially causing the application to crash and...
Important: Red Hat Security Advisory: perl-XML-LibXML security update
An update for perl-XML-LibXML is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...
SUSE-SU-2026:3022-1 Security update for sccache
This update for sccache fixes the following issues: Update to version 0.15.017. - CVE-2023-26964: hyper,h2: high resource consumption due to stream stacking when H2 component processes HTTP2 RSTSTREAM frames bsc1210346. - CVE-2024-32650: rust-rustls: infinite loop in...
perl-XML-LibXML: XML::LibXML: Denial of Service via truncated UTF-8 in XML node names
A flaw was found in XML::LibXML for Perl. A remote attacker could exploit this vulnerability when processing specially crafted XML node names containing incomplete UTF-8 character sequences. This can lead to an out-of-bounds read in heap memory, potentially causing the application to crash and...
CVE-2025-58146
There are multiple issues. 1. Updates to the XAPI database sanitise input strings, but try generating the notification using the unsanitised input. This causes the database's event thread to terminate and cease further processing. 2. XAPI's UTF-8 encoder implements v3.0 of the Unicode spec, but...
CVE-2025-58146 XAPI UTF-8 string handling
There are multiple issues. 1. Updates to the XAPI database sanitise input strings, but try generating the notification using the unsanitised input. This causes the database's event thread to terminate and cease further processing. 2. XAPI's UTF-8 encoder implements v3.0 of the Unicode spec, but...
Linux Distros Unpatched Vulnerability : CVE-2026-14650
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in connorskees grass up to 0.13.4. The affected element is the function grasscompiler::rawtoparseerror of the component UTF-8 Character...
SUSE CVE-2026-42327
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce th...
EUVD-2026-25022
ln: rejects non-UTF-8 source filenames in target-directory mode...
EUVD-2026-24978
comm: lossy UTF-8 conversion silently corrupts non-UTF-8 output...
CVE-2026-14650
A flaw was found in Grass. A local attacker could exploit a vulnerability in the UTF-8 Character Handler, specifically within the grasscompiler::rawtoparseerror function, by executing a manipulation. This could lead to a denial of service, making the system or application unavailable to legitimat...
PT-2026-55934
Name of the Vulnerable Software and Affected Versions ModSecurity versions 3.0.0 through 3.0.15 Description The t:utf8toUnicode transformation in src/actions/transformations/utf8 to unicode.cc produces incorrect output on i386 architecture. This occurs because the snprintf function uses sizeof on...
DEBIAN-CVE-2026-14650
A flaw has been found in connorskees grass up to 0.13.4. The affected element is the function grasscompiler::rawtoparseerror of the component UTF-8 Character Handler. Executing a manipulation can lead to denial of service. The attack is restricted to local execution. The exploit has been publishe...
CVE-2026-14650
Technical details about CVE-2026-14650 are not publicly available in the provided documents. Monitor for updates.
CVE-2026-14650 connorskees grass UTF-8 Character raw_to_parse_error denial of service
A flaw has been found in connorskees grass up to 0.13.4. The affected element is the function grasscompiler::rawtoparseerror of the component UTF-8 Character Handler. Executing a manipulation can lead to denial of service. The attack is restricted to local execution. The exploit has been publishe...
EUVD-2026-41694
A flaw has been found in connorskees grass up to 0.13.4. The affected element is the function grasscompiler::rawtoparseerror of the component UTF-8 Character Handler. Executing a manipulation can lead to denial of service. The attack is restricted to local execution. The exploit has been publishe...
CVE-2026-14650 connorskees grass UTF-8 Character raw_to_parse_error denial of service
A flaw has been found in connorskees grass up to 0.13.4. The affected element is the function grasscompiler::rawtoparseerror of the component UTF-8 Character Handler. Executing a manipulation can lead to denial of service. The attack is restricted to local execution. The exploit has been publishe...