Lucene search
K

208 matches found

NVD
NVD
added 2016/04/11 9:59 p.m.16 views

CVE-2015-8614

Multiple stack-based buffer overflows in the 1 convjistoeuc, 2 conveuctojis, and 3 convsjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion...

7.5CVSS5.6AI score0.02554EPSS
Exploits0References8
OSV
OSV
added 2016/04/11 9:59 p.m.7 views

CVE-2015-8614

Multiple stack-based buffer overflows in the 1 convjistoeuc, 2 conveuctojis, and 3 convsjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion...

7.3CVSS7.3AI score
Exploits0References9
Prion
Prion
added 2016/04/11 9:59 p.m.15 views

Stack overflow

Multiple stack-based buffer overflows in the 1 convjistoeuc, 2 conveuctojis, and 3 convsjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion...

7.5CVSS7.3AI score0.02554EPSS
Exploits0References8Affected Software3
Prion
Prion
added 2016/04/11 9:59 p.m.15 views

Stack overflow

Stack-based buffer overflow in the conveuctojis function in codeconv.c in Claws Mail 3.13.1 allows remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8614...

7.5CVSS7.6AI score0.02554EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2016/04/11 9:59 p.m.28 views

CVE-2015-8614

Multiple stack-based buffer overflows in the 1 convjistoeuc, 2 conveuctojis, and 3 convsjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion...

7.5CVSS7.4AI score0.02554EPSS
Exploits0References6
OSV
OSV
added 2016/04/11 9:59 p.m.6 views

UBUNTU-CVE-2015-8614

Multiple stack-based buffer overflows in the 1 convjistoeuc, 2 conveuctojis, and 3 convsjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion...

7.3CVSS7.5AI score0.02554EPSS
Exploits0References7
Cvelist
Cvelist
added 2016/04/11 9:0 p.m.33 views

CVE-2015-8614

Multiple stack-based buffer overflows in the 1 convjistoeuc, 2 conveuctojis, and 3 convsjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion...

5.6AI score0.02554EPSS
Exploits0References8
CVE
CVE
added 2016/04/11 9:0 p.m.82 views

CVE-2015-8614

Claws Mail (GTK-based email client) is affected by a stack-based buffer overflow in codeconv.c (conv_jistoeuc, conv_euctojis, conv_sjistoeuc) that can be triggered by a crafted email containing Japanese character set conversions. Affects versions before 3.13.1; CVE-2015-8708 notes this is an inco...

7.5CVSS5.5AI score0.02554EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2016/04/11 9:0 p.m.36 views

CVE-2015-8708

Stack-based buffer overflow in the conveuctojis function in codeconv.c in Claws Mail 3.13.1 allows remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8614...

6AI score0.01539EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2016/04/11 9:0 p.m.73 views

CVE-2015-8614

Multiple stack-based buffer overflows in the 1 convjistoeuc, 2 conveuctojis, and 3 convsjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion...

7.5CVSS7.4AI score0.02554EPSS
Exploits0
Debian CVE
Debian CVE
added 2016/04/11 9:0 p.m.49 views

CVE-2015-8708

Stack-based buffer overflow in the conveuctojis function in codeconv.c in Claws Mail 3.13.1 allows remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8614...

7.5CVSS7.7AI score0.01539EPSS
Exploits0
Mageia
Mageia
added 2016/01/12 9:13 a.m.34 views

Updated claws-mail packages fix security vulnerability

no bounds checking on the output buffer in convjistoeuc, conveuctojis, convsjistoeuc A Tails contributor found a vulnerability in claws-mail where in codeconv.c a function for japanese character set conversion called convjistoeuc has no bounds checking on the output buffer which is created on the...

7.5CVSS7.1AI score0.02554EPSS
Exploits0References3
OSV
OSV
added 2016/01/12 9:13 a.m.8 views

MGASA-2016-0008 Updated claws-mail packages fix security vulnerability

no bounds checking on the output buffer in convjistoeuc, conveuctojis, convsjistoeuc A Tails contributor found a vulnerability in claws-mail where in codeconv.c a function for japanese character set conversion called convjistoeuc has no bounds checking on the output buffer which is created on the...

7.5CVSS7.2AI score0.02554EPSS
Exploits0References4
CNVD
CNVD
added 2015/10/03 12:0 a.m.5 views

Web Reference Database SQL Injection Vulnerability

Web Reference Database is a web-based multi-user interface product that provides search tools and automatic indexing for managing scientific literature. A security vulnerability in the Web Reference Database install.php script handling the 'defaultCharacterSet' parameter allows remote attackers t...

7.5CVSS7.5AI score0.01471EPSS
Exploits0References1
Kitploit
Kitploit
added 2015/07/23 9:9 p.m.17 views

Passgen - Random Character Generator Crunch to Crack WPA/WPA2

Passgen is an alternative for the random character generator crunch which attempts to solve cracking WPA/WPA2 keys by randomizing the output opposed to generating a list like so, aaaaaaaa, aaaaaaab, aaaaaac, etc. Example usuage with aircrack-ng python passgen.py -l | sudo aircrack-ng --bssid...

7.2AI score
Exploits0References1
myhack58
myhack58
added 2015/04/27 12:0 a.m.19 views

WordPress < 4.1.2 version there is XSS vulnerability, an attacker can exploit to obtain site permissions-bug warning-the black bar safety net

tldr; mysql → special characters → truncation → input validation → output sanitisation → xss → time to update WordPress. Mysql truncate Mysql utf8 character set only support up to 3-byte characters, if you insert a 4-byte characters, the default configuration of mysql will truncate the character...

0.8AI score
Exploits0
Kitploit
Kitploit
added 2014/11/24 11:20 p.m.36 views

Crunch - Password Cracking Wordlist Generator

Crunch is a wordlist generator where you can specify a standard character set or a character set you specify. crunch can generate all possible combinations and permutations. Features crunch generates wordlists in both combination and permutation ways it can breakup output by number of lines or fi...

7.3AI score
Exploits0
Mageia
Mageia
added 2014/08/25 8:44 a.m.48 views

Updated bugzilla packages fix a CSRF vulnerability

Updated bugzilla packages fix security vulnerabilities: Adobe does not properly restrict the SWF file format, which allows remote attackers to conduct cross-site request forgery CSRF attacks against Bugzilla's JSONP endpoint, possibly obtaining sensitive bug information, via a crafted OBJECT...

4.3CVSS6.3AI score0.00542EPSS
Exploits0References2
Jake Archibald's Blog
Jake Archibald's Blog
added 2014/08/19 12:0 a.m.14 views

Minimising font downloads

Optimising fonts is pretty difficult for larger sites. There's an easy solution, although only some browsers support it. Translations Français Fonts can be big Really big. They can be anywhere from 70k to many megabytes compressed of course, because why wouldn't you?. You want bold? Well, you jus...

6.9AI score
Exploits0
Prion
Prion
added 2014/06/23 2:55 p.m.31 views

Memory corruption

The pushascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service memory corruption and daemon crash via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a...

2.7CVSS6.7AI score0.07269EPSS
Exploits0References23Affected Software1
Rows per page
Query Builder