Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 6 days ago4 views

golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing

A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname for example, xn--example-.com returns example.com instead of an error. Applications that validate the ASCII form then convert to Unicode may grant acce...

9.6CVSS6.6AI score0.00478EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/22 3:1 p.m.11 views

EUVD-2026-31449

The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode"xn--example-.com" incorrectly returns the name "example.com" rather than an error. This behavior can lead to privilege escalation in programs using the idna...

10CVSS5.8AI score0.00478EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:20 a.m.3 views

SUSE CVE-2004-0902

Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service application crash or execute arbitrary code via 1 the "Send page" functionality, 2 certain responses from a...

10CVSS7.9AI score0.10139EPSS
Exploits0References4
exploitpack
exploitpack
added 2004/09/14 12:0 a.m.12 views

Mozilla Browser 1.7.x - Non-ASCII Hostname Heap Overflow

Mozilla Browser 1.7.x - Non-ASCII Hostname Heap Overflow source: https://www.securityfocus.com/bid/11169/info Mozilla is prone to a remotely exploitable heap overflow that is exposed when the browser handles non-ASCII characters in URIs. This issue could be exploited by enticing a user to open a...

0.6AI score
Exploits0
Rows per page
Query Builder