Linux Distros Unpatched Vulnerability : CVE-2019-25013

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The iconv feature in the GNU C Library aka glibc or libc6 through 2.32, when processing invalid multi- byte input sequences in the EUC-KR encoding, may have a...

Exploit for CVE-2024-2961

sectoolset -- Github安全相关工具集合 主要内容： 0x00 漏洞利用实战练习&CTF安全竞赛 0x01 安全扫描器 0x02 安全防守 0x03 渗透测试 0x04 漏洞库及利用工具（POC，EXP 0x05 二进制及代码分析工具 0x06 威胁情报&蜜罐 0x07 安全文档资料 0x10 AI&大模型安全 0x11 所有内容 乌云镜像 乌云镜像，已挂 乌云镜像,已挂 近期安全热点 CVE-2025-48384: Git子模块回车符CR解析注入可致RCE GitHub MCP漏洞：劫持MCP服务访问私有仓库数据 glibc iconv中的缓冲区溢出导致PHP...

Fedora 42 : glibc (2025-6a7aa95984)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-6a7aa95984 advisory. This update fixes CVE-2025-8058, a low-impact security vulnerability in the regcomp function. It also includes a fix for the iconv; it no longer creates...

Astra Linux – Vulnerability in zvbi

A vulnerability was discovered in libzvbi up to version 0.2.43. It has been classified as a problematic issue. The affected function is vbistrndupiconvucs2 in the file src/conv.c. Manipulating the srclength argument leads to an uninitialized pointer. This vulnerability can be exploited remotely...

Astra Linux – Vulnerability in zvbi

A vulnerability has been identified in libzvbi up to version 0.2.43. This vulnerability has been declared as a problem. The affected function is vbistrndupiconvucs2 in the file src/conv.c. Manipulating the srclength argument leads to integer overflow. This attack can be carried out remotely. The...

Medium: glibc

Issue Overview: In iconvdata/iso-2022-jp-3.c in the GNU C Library aka glibc 2.34, remote attackers can force iconv to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv use cases. NOTE: the...

The vulnerability of the VBI libzvbi library’s capture and decoding function is related to a numerical overflow in the _vbi_strndup_iconv() function. This allows an attacker to cause a service failure.

The vulnerability of the VBI libzvbi library’s capture and decoding functions is related to a numerical overflow in the vbistrndupiconv function. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...

The vulnerability of the VBI libzvbi library’s capture and decoding function, related to a numerical overflow in the bi_strndup_iconv_ucs2() function, allows attackers to trigger a service denial.

The vulnerability of the VBI libzvbi library’s capture and decoding function is related to a numerical overflow in the bistrndupiconvucs2 function. Exploiting this vulnerability can allow an attacker to cause a service failure remotely...

CVE-2019-5600

In FreeBSD 12.0-STABLE before r349622, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349624, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in iconv implementation may allow an attacker to write past the end of an output buffer. Depending on the...

Alibaba Cloud Linux 3 : 0070: glibc (ALINUX3-SA-2024:0070)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0070 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-2961: The iconv function in the GNU C...

OESA-2025-1330 zvbi security update

The ZVBI library provides functions to read from Linux V4L, V4L2 and FreeBSD BKTR raw VBI capture devices, from Linux DVB devices and from a VBI proxy to share V4L and V4L2 VBI devices between multiple applications. It can demodulate raw to sliced VBI data in software, with support for a wide ran...

SUSE CVE-2025-2173

A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbistrndupiconvucs2 of the file src/conv.c. The manipulation of the argument srclength leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has...

SUSE CVE-2025-2175

A vulnerability was found in libzvbi up to 0.2.43. It has been rated as problematic. Affected by this issue is the function vbistrndupiconv. The manipulation leads to integer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to...

PT-2025-10701 · Libzvbi +5 · Libzvbi +5

Name of the Vulnerable Software and Affected Versions: libzvbi versions 0.2.43 and earlier Description: A problem has been found in the function vbi strndup iconv ucs2 of the file src/conv.c. The manipulation of the argument src length leads to an integer overflow. This issue can be exploited...

OESA-2025-1255 musl security update

musl is an implementation of the C standard library built on top of the Linux system call API, including interfaces defined in the base language standard, POSIX, and widely agreed-upon extensions. It is lightweight, fast, simple, free, and strives to be correct in the sense of standards conforman...

OESA-2025-1254 musl security update

musl is an implementation of the C standard library built on top of the Linux system call API, including interfaces defined in the base language standard, POSIX, and widely agreed-upon extensions. It is lightweight, fast, simple, free, and strives to be correct in the sense of standards conforman...

OESA-2025-1253 musl security update

musl is an implementation of the C standard library built on top of the Linux system call API, including interfaces defined in the base language standard, POSIX, and widely agreed-upon extensions. It is lightweight, fast, simple, free, and strives to be correct in the sense of standards conforman...

OESA-2025-1252 musl security update

musl is an implementation of the C standard library built on top of the Linux system call API, including interfaces defined in the base language standard, POSIX, and widely agreed-upon extensions. It is lightweight, fast, simple, free, and strives to be correct in the sense of standards conforman...

The vulnerability of the iconv function in the musl libc library, which allows a hacker to execute arbitrary code.

The vulnerability of the iconv function in the musl libc library is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code when calling the function for converting text from EUC-KR to UTF-8...

CVE-2025-26519

A flaw was found in the musl-libc package. Affected versions of musl-libc have an out-of-bounds write vulnerability when an attacker triggers an iconv conversion of untrusted EUC-KR text to UTF-8...