Lucene search
K

444 matches found

OSV
OSV
added 2024/04/17 6:15 p.m.10 views

CVE-2024-2961

The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...

7.3CVSS7.5AI score0.8833EPSS
Exploits16References19
OSV
OSV
added 2024/04/17 6:15 p.m.8 views

DEBIAN-CVE-2024-2961

The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...

7.3CVSS7AI score0.8833EPSS
Exploits16References1
NVD
NVD
added 2024/04/17 6:15 p.m.34 views

CVE-2024-2961

The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...

7.3CVSS5.8AI score0.8833EPSS
Exploits16References20
Debian CVE
Debian CVE
added 2024/04/17 5:27 p.m.58 views

CVE-2024-2961

The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...

7.3CVSS7.1AI score0.8833EPSS
Exploits16
Vulnrichment
Vulnrichment
added 2024/04/17 5:27 p.m.31 views

CVE-2024-2961

The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...

7AI score0.8833EPSS
Exploits16References16
CNNVD
CNNVD
added 2024/04/17 12:0 a.m.10 views

GNU C Library 安全漏洞

GNU C Library is an open source, free C compiler released under the LGPL license. GNU C Library suffers from a buffer overflow vulnerability that originates from a boundary error in the iconv function when handling untrusted input. An attacker could exploit the vulnerability to cause the...

7.3CVSS7.2AI score0.8833EPSS
Exploits16References22
UbuntuCve
UbuntuCve
added 2024/04/17 12:0 a.m.109 views

CVE-2024-2961

The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...

7.3CVSS7AI score0.8833EPSS
Exploits16References4
OSV
OSV
added 2024/04/17 12:0 a.m.1 views

UBUNTU-CVE-2024-2961

The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...

7.3CVSS6.8AI score0.8833EPSS
Exploits16References5
Redos
Redos
added 2023/10/23 12:0 a.m.23 views

ROS-20231020-10

Vulnerability in the GNU C Library glibc iconv utility due to insufficient validation of input data. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service by invoking the iconv utility with the "-c" option. by invoking the iconv utility with the "-c" option...

5.9CVSS6.9AI score0.04006EPSS
Exploits0
Redos
Redos
added 2023/04/20 12:0 a.m.33 views

ROS-20230420-02

A vulnerability in the iconv function of the glibc library is related to a flaw in the use of the assert function. The vulnerability allows an attacker acting remotely to cause a denial of service...

7.5CVSS8.3AI score0.03093EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:53 p.m.63 views

K08641512: glibc vulnerability CVE-2020-27618

Security Advisory Description The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in...

5.5CVSS6.3AI score0.00887EPSS
Exploits1Affected Software15
F5 Networks
F5 Networks
added 2023/02/21 6:53 p.m.53 views

K83181523: PHP vulnerability CVE-2018-10546

Security Advisory Description An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences. CVE-2018-10546 Impact There is no...

7.5CVSS7AI score0.10564EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 6:10 a.m.4 views

SUSE CVE-2007-4783

The iconvsubstr function in PHP 5.2.4 and earlier allows context-dependent attackers to cause 1 a denial of service application crash via a long string in the charset parameter, probably also requiring a long string in the str parameter; or 2 a denial of service temporary application hang via a...

5CVSS7.7AI score0.03628EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:10 a.m.5 views

SUSE CVE-2007-4840

PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service application crash via 1 a long string in the outcharset parameter to the iconv function; or a long string in the charset parameter to the 2 iconvmimedecodeheaders, 3 iconvmimedecode, or 4 iconvstrlen function...

5CVSS7.7AI score0.03152EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:58 a.m.4 views

SUSE CVE-2010-2097

The 1 iconvmimedecode, 2 iconvsubstr, and 3 iconvmimeencode functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information memory contents by causing a userspace interruption of an internal function, related to the call time pass by...

5CVSS6.7AI score0.01907EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:55 a.m.5 views

SUSE CVE-2010-4699

The iconvmimedecodeheaders function in the Iconv extension in PHP before 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring aka Multibyte String implementations, which allows remote attackers to trigger an incomplete output array, and possibly bypass spam...

5CVSS7.2AI score0.01628EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.4 views

SUSE CVE-2012-6656

iconvdata/ibm930.c in GNU C Library aka glibc before 2.16 allows context-dependent attackers to cause a denial of service out-of-bounds read via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8...

5CVSS6.7AI score0.03439EPSS
Exploits1References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:27 a.m.3 views

SUSE CVE-2014-6040

GNU C Library aka glibc before 2.20 allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via a multibyte character value of "0xffff" to the iconv function when converting 1 IBM933, 2 IBM935, 3 IBM937, 4 IBM939, or 5 IBM1364 encoded data to UTF-8...

5CVSS6.7AI score0.06564EPSS
Exploits1References11
SUSE CVE
SUSE CVE
added 2023/02/15 4:53 a.m.3 views

SUSE CVE-2016-10228

The iconv program in the GNU C Library aka glibc or libc6 2.31 and earlier, when invoked with multiple suffixes in the destination encoding TRANSLATE or IGNORE along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service...

3.3CVSS8.6AI score0.04006EPSS
Exploits0References69
SUSE CVE
SUSE CVE
added 2023/02/15 4:28 a.m.2 views

SUSE CVE-2018-10546

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences...

5.3CVSS8.4AI score0.10564EPSS
Exploits0References8
Rows per page
Query Builder