88 matches found
postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code
Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database...
EUVD-2009-2930
Malware in sbrugna...
EUVD-2014-5928
Malware in sbrugna...
EUVD-2017-16955
Malware in sbrugna...
EUVD-2009-1207
Malware in sbrugna...
EUVD-2009-2929
Malware in sbrugna...
EUVD-2006-2314
Malware in sbrugna...
EUVD-2022-0618
Malicious code in bioql PyPI...
EUVD-2022-5860
Malicious code in bioql PyPI...
CVE-2024-37284
Improper handling of alternate encoding occurs when Elastic Defend on Windows systems attempts to scan a file or process encoded as a multibyte character. This leads to an uncaught exception causing Elastic Defend to crash which in turn will prevent it from quarantining the file and/or killing th...
SUSE CVE-2012-0471
Cross-site scripting XSS vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via a multibyte character set...
The vulnerability of the unix_expandpath() function in the Vim text editor allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the unixexpandpath function in the Vim text editor is related to incorrect handling of a special multi-byte character. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...
EulerOS Virtualization 3.0.2.2 : libarchive (EulerOS-SA-2020-1488)
According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards version v2.8.0 onwards contains a CWE-835: Loop wit...
Cross-Site Scripting (XSS)
firefox / thunderbird is vulnerable to cross-site scripting XSS. A cross-site scripting XSS flaw was found in the way Firefox handled certain multibyte character sets. A web page containing malicious content could cause Firefox to run JavaScript code with the permissions of a different website...
Authorization Bypass
php is vulnerable to authorization bypass. A flaw was found in the handling of the "mbstring.funcoverload" configuration setting. A value set for one virtual host, or in a user's .htaccess file, was incorrectly applied to other virtual hosts on the same server, causing the handling of multibyte...
Stack overflow
Stack-based buffer overflow in the safefprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename...
CVE-2016-8687
Stack-based buffer overflow in the safefprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename...
CVE-2016-8687
Stack-based buffer overflow in the safefprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename...
CVE-2016-8687
Stack-based buffer overflow in the safefprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename...
CVE-2015-5218
Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cause a denial of service crash via a crafted file, related to the page global variable...