Lucene search
K

23 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2015-2059

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The stringpreputf8toucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other...

7.5CVSS7.5AI score0.03185EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.16 views

RHEL 5 : libidn (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libidn2: Integer overflow in punydecode.c/decodedigit CVE-2017-14062 - The stringpreputf8toucs4 function ...

9.8CVSS8.8AI score0.06721EPSS
Exploits0References6
Rosalinux
Rosalinux
added 2021/07/02 5:14 p.m.26 views

Advisory ROSA-SA-2021-1873

Software: libidn 1.28 OS: Cobalt 7.9 CVE-ID: CVE-2015-2059 CVE-Crit: MEDIUM CVE-DESC: The stringpreputf8toucs4 function in libin prior to 1.31, used in jabberd2, allows context-sensitive attackers to read system memory and possibly exert other undefined influence via invalid UTF-8 characters in a...

7.5CVSS7.1AI score0.06721EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2016:2079-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.06721EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for libidn (EulerOS-SA-2019-1454)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.03185EPSS
Exploits0References2
Cloud Foundry
Cloud Foundry
added 2016/11/08 12:0 a.m.47 views

USN-3068-1 Libidn vulnerabilities | Cloud Foundry

USN-3068-1 Libidn vulnerabilities Medium Vendor Canonical Ubuntu, libidn Versions Affected Canonical Ubuntu 14.04 LTS Description Thijs Alkemade, Gustavo Grieco, Daniel Stenberg, and Nikos Mavrogiannopoulos discovered that Libidn incorrectly handled invalid UTF-8 characters. A remote attacker cou...

7.5CVSS7.2AI score0.06721EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/09/13 12:0 a.m.28 views

SUSE SLES11 Security Update : libidn (SUSE-SU-2016:2291-1)

This update for libidn fixes the following issues : - CVE-2016-6262 and CVE-2015-8948: Out-of-bounds-read when reading one zero byte as input bsc990189 - CVE-2016-6261: Out-of-bounds stack read in idnatoascii4i bsc990190 - CVE-2016-6263: stringpreputf8nfkcnormalize reject invalid UTF-8 bsc990191 ...

7.5CVSS7.1AI score0.06721EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2016/09/12 12:0 a.m.34 views

openSUSE Security Update : wget (openSUSE-2016-1067)

This update for wget fixes the following issues : - Fix for HTTP to a FTP redirection file name confusion vulnerability bsc984060, CVE-2016-4971. - Work around a libidn vulnerability bsc937096, CVE-2015-2059. - Fix for wget fails with basicauth: Failed writing HTTP request: Bad file descriptor...

8.8CVSS6.8AI score0.45935EPSS
Exploits8References5
Tenable Nessus
Tenable Nessus
added 2016/09/08 12:0 a.m.36 views

SUSE SLED12 / SLES12 Security Update : wget (SUSE-SU-2016:2226-1)

This update for wget fixes the following issues : - Fix for HTTP to a FTP redirection file name confusion vulnerability bsc984060, CVE-2016-4971. - Work around a libidn vulnerability bsc937096, CVE-2015-2059. - Fix for wget fails with basicauth: Failed writing HTTP request: Bad file descriptor...

8.8CVSS6.8AI score0.45935EPSS
Exploits8References8
Tenable Nessus
Tenable Nessus
added 2016/09/02 12:0 a.m.26 views

SUSE SLED12 / SLES12 Security Update : libidn (SUSE-SU-2016:2079-1)

This update for libidn fixes the following issues : - CVE-2016-6262 and CVE-2015-8948: Out-of-bounds-read when reading one zero byte as input bsc990189 - CVE-2016-6261: Out-of-bounds stack read in idnatoascii4i bsc990190 - CVE-2016-6263: stringpreputf8nfkcnormalize reject invalid UTF-8 bsc990191 ...

7.5CVSS7.1AI score0.06721EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2016/08/25 12:0 a.m.27 views

Ubuntu 14.04 LTS / 16.04 LTS : Libidn vulnerabilities (USN-3068-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3068-1 advisory. Thijs Alkemade, Gustavo Grieco, Daniel Stenberg, and Nikos Mavrogiannopoulos discovered that Libidn incorrectly handled invalid UTF-8...

7.5CVSS7.5AI score0.06721EPSS
Exploits0References6
OSV
OSV
added 2016/08/16 7:29 a.m.8 views

SUSE-SU-2016:2079-1 Security update for libidn

This update for libidn fixes the following issues: - CVE-2016-6262 and CVE-2015-8948: Out-of-bounds-read when reading one zero byte as input bsc990189 - CVE-2016-6261: Out-of-bounds stack read in idnatoascii4i bsc990190 - CVE-2016-6263: stringpreputf8nfkcnormalize reject invalid UTF-8 bsc990191 -...

7.5CVSS7.6AI score0.06721EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2016/05/16 12:0 a.m.20 views

Debian DSA-3578-1 : libidn - security update

It was discovered that libidn, the GNU library for Internationalized Domain Names IDNs, did not correctly handle invalid UTF-8 input, causing an out-of-bounds read. This could allow attackers to disclose sensitive information from an application using the libidn library. %NASLMINLEVEL 70300 C...

7.5CVSS7.4AI score0.03185EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2015/10/15 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2015-0349)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.03185EPSS
Exploits0References7
Mageia
Mageia
added 2015/09/08 5:55 p.m.33 views

Updated libidn packages fix CVE-2015-2059

Updated libidn packages fix security vulnerability: In libidn before 1.31, stringpreputf8toucs4 did not validate that the input UTF-8 string was actually valid UTF-8, which could lead to out-of-bounds reads CVE-2015-2059...

7.5CVSS7.7AI score0.03185EPSS
Exploits0References5
OSV
OSV
added 2015/09/08 5:55 p.m.8 views

MGASA-2015-0349 Updated libidn packages fix CVE-2015-2059

Updated libidn packages fix security vulnerability: In libidn before 1.31, stringpreputf8toucs4 did not validate that the input UTF-8 string was actually valid UTF-8, which could lead to out-of-bounds reads CVE-2015-2059...

7.5CVSS8.3AI score0.03185EPSS
Exploits0References6
Debian
Debian
added 2015/08/16 10:8 a.m.30 views

[SECURITY] [DLA 291-1] libidn security update

Package : libidn Version : 1.15-2+deb6u2 Adam Sampson found a vulnerability in GNU Libidn, library that implements the IETF IDN specifications. Libdin incorrectly handled invalid UTF-8 input, causing it to bad free. This issue was introduced by the fix for CVE-2015-2059. For Debian 6 “Squeeze”,...

7.5CVSS7AI score0.03185EPSS
Exploits0
NVD
NVD
added 2015/08/12 2:59 p.m.15 views

CVE-2015-2059

The stringpreputf8toucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read...

7.5CVSS9.5AI score0.03185EPSS
Exploits0References10
OSV
OSV
added 2015/08/12 2:59 p.m.5 views

CVE-2015-2059

The stringpreputf8toucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read...

8.3AI score
Exploits0References14
CVE
CVE
added 2015/08/12 2:0 p.m.120 views

CVE-2015-2059

CVE-2015-2059 affects libin (libidn) prior to 1.31 as used by jabberd2. The issue is an out-of-bounds read triggered by invalid UTF-8 characters in a string, potentially enabling memory disclosure. The provided documents do not specify a vendor patch, version, or concrete remediation for this CVE...

7.5CVSS7.4AI score0.03185EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder