
21 matches found

F5 Networks
added 2023/02/21 6:35 p.m., 30 views

K25353544: libidn vulnerability CVE-2016-6263

Security Advisory Description: The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data. (CVE-2016-6263) Impact: This vulnerability may allow attackers to cause a...

CVSS 7.5, AI score 7.6, EPSS 0.02955
Exploits 0, Affected Software 1
Tenable Nessus
added 2022/05/09 12:0 a.m., 17 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : screen Vulnerability (NS-SA-2022-0035)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has screen packages installed that are affected by a vulnerability: - encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have...

CVSS 9.8, AI score 7.5, EPSS 0.12654
Exploits 1, References 3
OpenVAS
added 2021/07/07 12:0 a.m., 16 views

Huawei EulerOS: Security Advisory for screen (EulerOS-SA-2021-2083)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 9.8, AI score 9.6, EPSS 0.12654
Exploits 1, References 2
Tenable Nessus
added 2021/04/30 12:0 a.m., 30 views

EulerOS 2.0 SP3 : screen (EulerOS-SA-2021-1848)

According to the version of the screen package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly...

CVSS 9.8, AI score 7.4, EPSS 0.12654
Exploits 1, References 2
UbuntuCve
added 2021/02/10 4:15 p.m., 25 views

CVE-2021-27135

xterm before Patch 366 allows remote attackers to execute arbitrary code or cause a denial of service (segmentation fault) via a crafted UTF-8 combining character sequence...

CVSS 9.8, AI score 7.5, EPSS 0.00722
Exploits 1, References 5
Cvelist
added 2021/02/09 7:35 p.m., 22 views

CVE-2021-26937

encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence...

AI score 9.9, EPSS 0.12654
Exploits 1, References 9
UbuntuCve
added 2021/02/09 1:0 p.m., 30 views

CVE-2021-26937

encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence...

CVSS 9.8, AI score 6.9, EPSS 0.12654
Exploits 1, References 6
Tenable Nessus
added 2019/09/24 12:0 a.m., 34 views

EulerOS 2.0 SP3 : perl (EulerOS-SA-2019-2035)

According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial o...

CVSS 7.8, AI score 7.8, EPSS 0.1399
Exploits 1, References 3
Prion
added 2016/09/07 8:59 p.m., 17 views

Out-of-bounds

The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data...

CVSS 5, AI score 6.6, EPSS 0.02955
Exploits 0, References 12, Affected Software 1
Cvelist
added 2016/09/07 8:0 p.m., 23 views

CVE-2016-6263

The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data...

AI score 6.2, EPSS 0.02955
Exploits 0, References 12
Debian CVE
added 2016/09/07 8:0 p.m., 27 views

CVE-2016-6263

The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data...

CVSS 7.5, AI score 7.5, EPSS 0.02955
Exploits 0
Cvelist
added 2016/05/25 3:0 p.m., 23 views

CVE-2015-8853

The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 data, as demonstrated by "a\x80."...

AI score 7.2, EPSS 0.1399
Exploits 0, References 13
UbuntuCve
added 2016/05/25 12:0 a.m., 30 views

CVE-2015-8853

The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 data, as demonstrated by "a\x80."...

CVSS 7.5, AI score 7.1, EPSS 0.1399
Exploits 0, References 4
NVD
added 2015/03/30 2:59 p.m., 18 views

CVE-2015-1609

MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request...

CVSS 5, AI score 6.3, EPSS 0.01693
Exploits 0, References 6
Debian CVE
added 2015/03/30 2:0 p.m., 23 views

CVE-2015-1609

Removed by vendor...

CVSS 5, AI score 7.9, EPSS 0.01693
Exploits 0
Cvelist
added 2015/03/30 2:0 p.m., 18 views

CVE-2015-1609

MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request...

AI score 7.5, EPSS 0.01693
Exploits 0, References 6
Prion
added 2014/02/10 11:55 p.m., 16 views

Design/Logic Flaw

JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service (infinite loop) via vectors related to a crafted UTF-8 and a...

CVSS 5, AI score 6.9, EPSS 0.01496
Exploits 1, References 9, Affected Software 4
UbuntuCve
added 2009/11/03 12:0 a.m., 32 views

CVE-2009-3720

The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read,...

CVSS 5, AI score 6.8, EPSS 0.01573
Exploits 2, References 7
Prion
added 2008/09/24 8:37 p.m., 14 views

Stack overflow

Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to execute arbitrary code via a crafted UTF-8 URL in a link...

CVSS 10, AI score 8.1, EPSS 0.48604
Exploits 12, References 41, Affected Software 2
Cvelist
added 2006/11/04 12:0 a.m., 25 views

CVE-2006-5465

Buffer overflow in PHP before 5.2.0 allows remote attackers to execute arbitrary code via crafted UTF-8 inputs to the (1) htmlentities or (2) htmlspecialchars functions...

AI score 7.9, EPSS 0.41876
Exploits 1, References 48