5 matches found
PYSEC-2019-14
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences...
Libpango 1.40.8 - Denial of Service (PoC)
Libpango 1.40.8 - Denial of Service PoC. Exploit Title: Libpango 1.40.8 - Denial of Service PoC; Date: 2018-08-06; Exploit Author: Jeffery M; Vendor Homepage: https://www.pango.org/; Software Link: http://ftp.gnome.org/pub/GNOME/sources/pango/1.40/pango-1.40.9.tar.xz; Version: 1.40.8+; Tested on: Window...
CVE-2018-15120
The CVE-2018-15120 entry concerns libpango in Pango 1.40.8–1.42.3 where crafted text with invalid Unicode sequences can cause a denial of service (application crash) and potentially other impacts. Public sources (e.g., CNVD, CNVD-2018-17885) indicate the fix is in Pango 1.42.4 and later. Related ...
Improper Handling of Alternate Encoding
Overview: Affected versions of this package are vulnerable to Improper Handling of Alternate Encoding via boost::locale::utf::utf_traits in /boost/locale/utf.hpp, which does not properly detect certain invalid UTF-8 sequences. A remote attacker can bypass input validation protection mechanisms...
PT-2010-5625 · Openldap +1 · Libldap +3
Name of the Vulnerable Software and Affected Versions: openldap versions 2.2.13 through 2.4.22; openldap versions prior to 2.4.35; openldap-clients-2.2.13; openldap-servers-2.2.13; openldap-servers-sql-2.2.13; openldap-devel-2.2.13; compat-openldap-2.1.30; libldap-2.4-2; libldap-2.4-2-dbg; libldap2-dev...