
18 matches found

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2019-6982

Malware in sbrugna...

CVSS 7.5, AI score 7.4, EPSS 0.01798
Exploits: 1, References: 2

OSV
added 2024/04/19 11:7 a.m., 2 views

OESA-2024-1462 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format (PDF) files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c for...

CVSS 9.8, AI score 7.3, EPSS 0.00879
Exploits: 0, References: 2

SUSE CVE
added 2023/02/15 5:5 a.m., 4 views

SUSE CVE-2016-2794

The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite...

CVSS 8.8, AI score 7.4, EPSS 0.03479
Exploits: 0, References: 13

Veracode
added 2022/06/04 11:47 a.m., 17 views

Out-Of-Bounds Read

When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output will usually be written to disk via the system's...

CVSS 5.5, AI score 5.5, EPSS 0.0037
Exploits: 0, References: 7, Affected Software: 1

OSV
added 2022/05/17 7:57 p.m., 29 views

GHSA-6VVC-C2M3-CJF3 JGit Improper Input Validation vulnerability

Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine; libgit2; Egit; and JGit allow remote Git servers to execute arbitrary commands via a tree...

CVSS 9.8, AI score 9.3, EPSS 0.63178
Exploits: 5, References: 13

PyPA
added 2020/02/12 2:15 a.m., 6 views

PYSEC-2020-217

Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before...

CVSS 9.8, AI score 7.4, EPSS 0.63178
Exploits: 5, References: 10, Affected Software: 1

Prion
added 2020/02/12 2:15 a.m., 25 views

Command injection

Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before...

CVSS 7.5, AI score 7.6, EPSS 0.63178
Exploits: 5, References: 9, Affected Software: 6

OSV
added 2019/11/29 11:15 p.m., 1 view

DEBIAN-CVE-2019-19451

When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output will usually be written to disk via the system's...

CVSS 5.5, AI score 5.6, EPSS 0.0037
Exploits: 0, References: 1

CVE
added 2019/11/29 10:54 p.m., 166 views

CVE-2019-19451

The CVE-2019-19451 issue affects Dia (GNOME Dia) prior to the upstream patch release for 2019-11-27: a filename argument that is not a valid codepoint in the current encoding can trigger an endless loop, causing stdout spam. In practice, when triggered from a thumbnailer, the output may be logged...

CVSS 5.5, AI score 5.2, EPSS 0.0037
Exploits: 0, References: 4, Affected Software: 1

OSV
added 2019/09/09 5:15 p.m., 18 views

CVE-2019-16162

Onigmo through 6.2.0 has an out-of-bounds read in parse_char_class because of missing codepoint validation in regenc.c...

CVSS 7.5, AI score 6.6
Exploits: 0, References: 1

NVD
added 2019/09/09 5:15 p.m., 20 views

CVE-2019-16162

Onigmo through 6.2.0 has an out-of-bounds read in parse_char_class because of missing codepoint validation in regenc.c...

CVSS 7.5, AI score 7.6, EPSS 0.01798
Exploits: 1, References: 1

Prion
added 2019/09/09 5:15 p.m., 11 views

Out-of-bounds

Onigmo through 6.2.0 has an out-of-bounds read in parse_char_class because of missing codepoint validation in regenc.c...

CVSS 5, AI score 7.4, EPSS 0.01798
Exploits: 1, References: 1, Affected Software: 1

Cvelist
added 2019/09/09 3:38 p.m., 22 views

CVE-2019-16162

Onigmo through 6.2.0 has an out-of-bounds read in parse_char_class because of missing codepoint validation in regenc.c...

AI score 7.3, EPSS 0.01798
Exploits: 1, References: 1

BDU FSTEC
added 2016/03/31 12:0 a.m., 6 views

The vulnerabilities of Firefox ESR and Firefox, the rendering software Graphite 2, allow attackers to induce service failures or exert other effects.

The vulnerability of the graphite2::TtfUtil::CmapSubtable12NextCodepoint function in browsers Firefox ESR and Firefox, as well as in the Graphite 2 rendering software, is caused by buffer overflow. Exploiting this vulnerability can allow an attacker to cause service interruptions or other effects...

CVSS 6.8, AI score 8.1, EPSS 0.03479
Exploits: 0, References: 3, Affected Software: 3

RedHat Linux
added 2016/03/16 5:36 p.m., 5 views

graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)

The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite...

CVSS 9.3, AI score 7.5, EPSS 0.03479
Exploits: 0, References: 5

OSV
added 2016/03/13 6:59 p.m., 2 views

DEBIAN-CVE-2016-2802

The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite...

CVSS 8.8, AI score 8.9, EPSS 0.02278
Exploits: 0, References: 1

OSV
added 2009/10/29 2:30 p.m., 4 views

DEBIAN-CVE-2009-3626

Perl 5.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a UTF-8 character with a large, invalid codepoint, which is not properly handled during a regular-expression match...

CVSS 5, AI score 6.3, EPSS 0.02203
Exploits: 1, References: 1

UbuntuCve
added 2009/10/29 2:30 p.m., 17 views

CVE-2009-3626

Perl 5.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a UTF-8 character with a large, invalid codepoint, which is not properly handled during a regular-expression match...

CVSS 5, AI score 7.2, EPSS 0.02203
Exploits: 1, References: 1