16 matches found
CVE-2025-29699
NetSurf 3.11 is vulnerable to Use After Free in domnodesettextcontent function...
PT-2025-44764
Name of the Vulnerable Software and Affected Versions NetSurf version 3.11 Description NetSurf version 3.11 contains a Use After Free issue within the dom node set text content function. Recommendations At the moment, there is no information about a newer version that contains a fix for this...
The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow.
...
postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions
A flaw was found in org.postgresql. This issue allows the creation of a temporary file when using PreparedStatement.setTextint, InputStream and PreparedStatemet.setByteaint, InputStream. This could allow a user to create an unexpected file available to all users, which could end in unexpected...
SUSE CVE-2010-1196
Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a...
SUSE CVE-2018-10194
The settextdistance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impac...
SUSE CVE-2019-20352
In Netwide Assembler NASM 2.15rc0, a heap-based buffer over-read occurs via a crafted .asm file in settextfree when called from expandonesmacro in asm/preproc.c...
The vulnerability in the implementation of PreparedStatement.setText() or PreparedStatement.setBytea() methods of the JDBC driver (PgJDBC) for connecting Java programs to PostgreSQL allows a hacker to exploit the protected information.
The vulnerability in the implementation of PreparedStatement.setText or PreparedStatement.setBytea methods of the PgJDBC driver for connecting Java programs to PostgreSQL lies in the use of insecure temporary files. Exploiting this vulnerability could allow an attacker to disclose sensitive...
PT-2022-5790 · Pgjdbc +8 · Pgjdbc +8
Name of the Vulnerable Software and Affected Versions: pgjdbc versions prior to 4.5.0 Description: The issue is related to the implementation of the PreparedStatement.setText or PreparedStatement.setBytea methods in the PgJDBC driver, which can lead to the creation of temporary files that are...
The vulnerability of the set_text_free function in the Netwide Assembler (NASM) assembly language allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the settextfree function in the Netwide Assembler NASM is related to the execution of operations outside the buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the set_text_distance function in the pdfwrite component of the software for processing, transforming, and generating Ghostscript documents allows a hacker to trigger a service failure.
The vulnerability of the settextdistance function in the pdfwrite component of the Ghostscrip software suite for document processing, conversion, and generation is related to an error that causes an attempt to output an infinite number of items. Exploiting this vulnerability could allow a malicio...
Ghostscript Arbitrary Code Execution Vulnerability
Artifex Ghostscript is the United States Artifex Software, Inc. of an open source PostScript a page description language used in the electronic industry and desktop publishing and programming languages parser, which can display Postscript files and print on non-Postscript printer. pdfwrite is one...
ALPINE-CVE-2018-10194
The settextdistance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impac...
UBUNTU-CVE-2018-10194
The settextdistance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impac...
nsGenericDOMDataNode:: SetTextInternal
Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a...
security flaw
Format string vulnerability in the protoitemsettext function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet...