CPython 安全漏洞

CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has a security vulnerability that arises from excessive CPU consumption when processing specially crafted Unicode inputs, which may lead to a denial-of-service attack...

Astra Linux – Vulnerability in ntfs-3g

In NTFS-3G versions before version 2021.8.22, when a specially crafted Unicode string is provided in an NTFS image, a heap buffer overflow may occur, allowing code execution...

Incorrect Behavior Order: Validate Before Canonicalize

Overview Affected versions of this package are vulnerable to Incorrect Behavior Order: Validate Before Canonicalize via the splitPos function. An attacker can cause unintended script execution by crafting a request path containing specific multi-byte Unicode characters, which manipulates the...

Incorrect Behavior Order: Validate Before Canonicalize

Overview Affected versions of this package are vulnerable to Incorrect Behavior Order: Validate Before Canonicalize via the splitPos function. An attacker can cause unintended script execution by crafting a request path containing specific multi-byte Unicode characters, which manipulates the...

CVE-2020-37121

CODE::BLOCKS 16.01 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler with crafted Unicode characters. Attackers can create a malicious M3U playlist file with 536 bytes of buffer and shellcode to trigger remote code...

EUVD-2015-1300

Malware in sbrugna...

EUVD-2007-6369

Malware in sbrugna...

CVE-2025-61582 Ts3 Manager: Unauthenticated Denial of Service possible through specially crafted Unicode input

TS3 Manager is modern web interface for maintaining Teamspeak3 servers. A Denial of Dervice vulnerability has been identified in versions 2.2.1 and earlier. The vulnerability permits an unauthenticated actor to crash the application through the submission of specially crafted Unicode input,...

SUSE CVE-2015-1262

platform/fonts/shaping/HarfBuzzShaper.cpp in Blink, as used in Google Chrome before 43.0.2357.65, does not initialize a certain width field, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Unicode text...

ntfs-3g: Heap buffer overflow triggered by a specially crafted Unicode string

The ntfs3g package is susceptible to a heap overflow on crafted unicode input. When processing NTFS unicode input, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

AZL-6749 CVE-2021-33286 affecting package ntfs-3g for versions less than 2021.8.22-1

In NTFS-3G versions 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution...

CVE-2019-19819

The JBIG2Globals library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0x90ec NULL Pointer Dereference via crafted Unicode content...

DEBIAN-CVE-2018-15120

libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted text with invalid Unicode sequences...

UBUNTU-CVE-2015-8790

The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access...

The vulnerability of the Mac OS X operating system allows a perpetrator to execute arbitrary code or cause a service failure.

The vulnerability of the Speech UI component in the Mac OS X operating system arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure by using a specially crafted Unicode string...

The vulnerability of the iOS operating system, which allows a hacker to trigger a device service failure.

The vulnerability of the iOS operating system is related to errors in the code. Exploiting this vulnerability allows a malicious actor to cause a device to fail to respond to service requests by sending a specially crafted Unicode text message, which is not properly processed when sent via SMS or...

CVE-2015-1157

CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service reboot and messaging disruption via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in 1 an SMS message or 2 a...

CVE-2015-1157

CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service reboot and messaging disruption via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in 1 an SMS message or 2 a...

Code injection

platform/fonts/shaping/HarfBuzzShaper.cpp in Blink, as used in Google Chrome before 43.0.2357.65, does not initialize a certain width field, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Unicode text...

UBUNTU-CVE-2015-1262

platform/fonts/shaping/HarfBuzzShaper.cpp in Blink, as used in Google Chrome before 43.0.2357.65, does not initialize a certain width field, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Unicode text...