Lucene search
K

227 matches found

NVD
NVD
added 2021/08/24 7:15 p.m.17 views

CVE-2021-39157

detect-character-encoding is an open source character encoding inspection library. In detect-character-encoding v0.6.0 and earlier, data matching no charset causes the Node.js process to crash. The problem has been patched in detect-character-encoding v0.7.0. No workaround are available and all...

7.5CVSS0.02068EPSS
Exploits1References3
OSV
OSV
added 2021/08/24 7:15 p.m.14 views

CVE-2021-39157

detect-character-encoding is an open source character encoding inspection library. In detect-character-encoding v0.6.0 and earlier, data matching no charset causes the Node.js process to crash. The problem has been patched in detect-character-encoding v0.7.0. No workaround are available and all...

7.5CVSS6.7AI score
Exploits0References3
Prion
Prion
added 2021/08/24 7:15 p.m.11 views

Design/Logic Flaw

detect-character-encoding is an open source character encoding inspection library. In detect-character-encoding v0.6.0 and earlier, data matching no charset causes the Node.js process to crash. The problem has been patched in detect-character-encoding v0.7.0. No workaround are available and all...

5CVSS7.4AI score0.02068EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2021/08/24 6:15 p.m.50 views

CVE-2021-39157

The CVE-2021-39157 entry relates to detect-character-encoding, a library where data matching with no charset in versions ≤0.6.0 can crash a Node.js process. The issue is resolved by upgrading to v0.7.0, as documented in Red Hat and GHSA advisories, with no workaround provided. Impact is a crash/d...

7.5CVSS7.5AI score0.02068EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2021/08/24 6:15 p.m.23 views

CVE-2021-39157 Improper Handling of Exceptional Conditions in detect-character-encoding

detect-character-encoding is an open source character encoding inspection library. In detect-character-encoding v0.6.0 and earlier, data matching no charset causes the Node.js process to crash. The problem has been patched in detect-character-encoding v0.7.0. No workaround are available and all...

7.5CVSS7.6AI score0.02068EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/08/24 12:0 a.m.6 views

detect-character-encoding 安全漏洞

detect-character-encoding is an open source C++ plugin. A security vulnerability exists in detect-character-encoding, which stems from an authorization bypass vulnerability found in istio istio. Case-insensitive host comparisons were incorrect when computing rules specified with host or notHost...

7.5CVSS7.3AI score0.02068EPSS
Exploits1References4
NVD
NVD
added 2021/08/17 11:15 p.m.17 views

CVE-2021-39131

ced detects character encoding using Google’s compactencdet library. In ced v0.1.0, passing data types other than Buffer causes the Node.js process to crash. The problem has been patched in ced v1.0.0. As a workaround, before passing an argument to ced, verify it’s a Buffer using Buffer.isBuffero...

7.5CVSS0.01891EPSS
Exploits1References3
OSV
OSV
added 2021/08/17 11:15 p.m.11 views

CVE-2021-39131

ced detects character encoding using Google’s compactencdet library. In ced v0.1.0, passing data types other than Buffer causes the Node.js process to crash. The problem has been patched in ced v1.0.0. As a workaround, before passing an argument to ced, verify it’s a Buffer using Buffer.isBuffero...

7.5CVSS6.7AI score
Exploits0References3
Prion
Prion
added 2021/08/17 11:15 p.m.12 views

Design/Logic Flaw

ced detects character encoding using Google’s compactencdet library. In ced v0.1.0, passing data types other than Buffer causes the Node.js process to crash. The problem has been patched in ced v1.0.0. As a workaround, before passing an argument to ced, verify it’s a Buffer using...

5CVSS7.4AI score0.01891EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2021/08/17 7:55 p.m.61 views

CVE-2021-39131

CVE-2021-39131 affects the ced JavaScript library used for character encoding detection. In ced v0.1.0, passing data types other than Buffer to ced crashes the Node.js process; this is the root cause. The issue is fixed in ced v1.0.0, with a recommended workaround: verify input is a Buffer (Buffe...

7.5CVSS7.4AI score0.01891EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2021/08/17 7:55 p.m.22 views

CVE-2021-39131 Improper Handling of Unexpected Data Type in ced

ced detects character encoding using Google’s compactencdet library. In ced v0.1.0, passing data types other than Buffer causes the Node.js process to crash. The problem has been patched in ced v1.0.0. As a workaround, before passing an argument to ced, verify it’s a Buffer using Buffer.isBuffero...

7.5CVSS7.6AI score0.01891EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2019:0496-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.8AI score0.58204EPSS
Exploits9References2
Kitploit
Kitploit
added 2021/02/01 8:30 p.m.69 views

Flawfinder - A Static Analysis Tool For Finding Vulnerabilities In C/C++ Source Code

This is "flawfinder" by David A. Wheeler. Flawfinder is a simple program that scans C/C++ source code and reports potential security flaws. It can be a useful tool for examining software for vulnerabilities, and it can also serve as a simple introduction to static source code analysis tools more...

7.1AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/01/29 12:0 a.m.72 views

CentOS 8 : openssh (CESA-2019:3702)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3702 advisory. - openssh: scp client improper directory name validation CVE-2018-20685 - openssh: Missing character encoding in progress display allows for spoofing o...

6.8CVSS7AI score0.58204EPSS
Exploits9References4
OSV
OSV
added 2020/12/04 7:15 a.m.1 views

DEBIAN-CVE-2020-29562

The iconv function in the GNU C Library aka glibc or libc6 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service...

4.8CVSS6.4AI score0.01512EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2020/10/10 12:0 a.m.21 views

Fedora: Security Advisory for oniguruma (FEDORA-2020-952c499e9d)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.6AI score
Exploits1References2
OpenVAS
OpenVAS
added 2020/10/10 12:0 a.m.22 views

Fedora: Security Advisory for oniguruma (FEDORA-2020-d53469eceb)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.6AI score
Exploits1References2
Fedora
Fedora
added 2020/10/09 4:28 p.m.34 views

[SECURITY] Fedora 31 Update: oniguruma-6.9.4-2.fc31

Oniguruma is a regular expressions library. The characteristics of this library is that different character encoding for every regular expression object can be specified. supported APIs: GNU regex, POSIX and Oniguruma native...

3.2AI score
Exploits1
Fedora
Fedora
added 2020/10/09 4:14 p.m.27 views

[SECURITY] Fedora 32 Update: oniguruma-6.9.5-3.rev1.fc32

Oniguruma is a regular expressions library. The characteristics of this library is that different character encoding for every regular expression object can be specified. supported APIs: GNU regex, POSIX and Oniguruma native...

3.2AI score
Exploits1
Fedora
Fedora
added 2020/10/06 2:5 p.m.29 views

[SECURITY] Fedora 33 Update: oniguruma-6.9.5-3.rev1.fc33

Oniguruma is a regular expressions library. The characteristics of this library is that different character encoding for every regular expression object can be specified. supported APIs: GNU regex, POSIX and Oniguruma native...

3.2AI score
Exploits1
Rows per page
Query Builder