Lucene search
+L

8 matches found

osv
osv
added 2025/12/27 9:7 a.m.24 views

RLSA-2023:2417 Moderate: php:8.1 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 8.1.14. Security Fixes: XKCP: buffer overflow in the SHA-3 reference implementation CVE-2022-37454 php: standard insecure cookie could b...

8.1CVSS6.9AI score0.49336EPSS
Exploits6References6
susecve
susecve
added 2023/02/15 5:17 a.m.4 views

SUSE CVE-2015-4598

PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls 1 a DOMDocument save method or 2 the GD imagepsloadfont function...

6.5CVSS8.8AI score0.03917EPSS
Exploits0References10
susecve
susecve
added 2023/02/15 4:39 a.m.3 views

SUSE CVE-2017-14685

Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. This occurs because xpsloadlinksinglyphs in...

7.8CVSS8AI score0.01324EPSS
Exploits1References5
osv
osv
added 2022/12/22 8:15 p.m.4 views

CVE-2022-45407

If an attacker loaded a font using FontFace on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox 107...

7.5CVSS7.4AI score
Exploits0References2
osv
osv
added 2022/11/16 12:0 a.m.10 views

UBUNTU-CVE-2022-45407

If an attacker loaded a font using FontFace on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox 107...

7.5CVSS7.2AI score0.00627EPSS
Exploits0References4
mskb
mskb
added 2020/04/09 12:0 a.m.8 views

Private EUDCs are not displayed in Character Map after you apply update 2982791 in Windows 7 or Windows Server 2008 R2

Private EUDCs are not displayed in Character Map after you apply update 2982791 in Windows 7 or Windows Server 2008 R2 This article describes an end-user-defined characters EUDCs load issue that occurs after you apply update 2982791 in Windows 7 Service Pack 1 SP1 or Windows Server 2008 R2 SP1. W...

6.1AI score
Exploits0
osv
osv
added 2017/09/22 6:29 a.m.4 views

UBUNTU-CVE-2017-14685

Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. This occurs because xpsloadlinksinglyphs in...

7.8CVSS7.2AI score0.01324EPSS
Exploits1References4
zdt
zdt
added 2016/06/21 12:0 a.m.114 views

Microsoft Windows - Custom Font Disable Policy Bypass

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=779 Windows: Custom Font Disable Policy Bypass Platform: Windows 10 Only Class: Security Feature Bypass Summary: It’s possible to bypass the ProcessFontDisablePolicy check in win32...

6.9CVSS6.8AI score0.06129EPSS
Exploits1
Rows per page
Query Builder