SUSE CVE-2025-24855

numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal...

UBUNTU-CVE-2025-24855

numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal...

SUSE CVE-2013-0785

Cross-site scripting XSS vulnerability in showbug.cgi in Bugzilla before 3.6.13, 3.7.x and 4.0.x before 4.0.10, 4.1.x and 4.2.x before 4.2.5, and 4.3.x and 4.4.x before 4.4rc2 allows remote attackers to inject arbitrary web script or HTML via the id parameter in conjunction with an invalid value ...

OSV-2021-399 Heap-buffer-overflow in void AK::__format_value<unsigned char>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30914 Crash type: Heap-buffer-overflow READ 1 Crash state: void AK::formatvalue AK::vformatimpl AK::vformatimpl...

CVE-2014-1714

The ScopedClipboardWriter::WritePickledData function in ui/base/clipboard/scopedclipboardwriter.cc in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows does not verify a certain format value, which allows remote attackers to cause a denial of service or...

libexif: "exif_entry_format_value()" buffer overflow

Buffer overflow in the exifentryformatvalue function in exif-entry.c in the EXIF Tag Parsing Library aka libexif 0.6.20 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image...