Lucene search
K

16 matches found

Debian CVE
Debian CVE
added 2025/11/03 12:0 a.m.5 views

CVE-2025-29699

NetSurf 3.11 is vulnerable to Use After Free in domnodesettextcontent function...

6.5CVSS5.2AI score0.00296EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2025/11/03 12:0 a.m.6 views

PT-2025-44764

Name of the Vulnerable Software and Affected Versions NetSurf version 3.11 Description NetSurf version 3.11 contains a Use After Free issue within the dom node set text content function. Recommendations At the moment, there is no information about a newer version that contains a fix for this...

6.5CVSS6.5AI score0.00296EPSS
Exploits1References5
Microsoft CVE
Microsoft CVE
added 2025/09/03 10:14 p.m.6 views

The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow.

...

6.8CVSS7AI score0.06593EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2023/03/09 10:47 a.m.5 views

postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions

A flaw was found in org.postgresql. This issue allows the creation of a temporary file when using PreparedStatement.setTextint, InputStream and PreparedStatemet.setByteaint, InputStream. This could allow a user to create an unexpected file available to all users, which could end in unexpected...

5.5CVSS6.8AI score0.0048EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:59 a.m.5 views

SUSE CVE-2010-1196

Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a...

9.3CVSS9.5AI score0.04879EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:28 a.m.4 views

SUSE CVE-2018-10194

The settextdistance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impac...

7CVSS7.5AI score0.01905EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:5 a.m.5 views

SUSE CVE-2019-20352

In Netwide Assembler NASM 2.15rc0, a heap-based buffer over-read occurs via a crafted .asm file in settextfree when called from expandonesmacro in asm/preproc.c...

7.1CVSS7.8AI score0.00837EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2022/12/09 12:0 a.m.6 views

The vulnerability in the implementation of PreparedStatement.setText() or PreparedStatement.setBytea() methods of the JDBC driver (PgJDBC) for connecting Java programs to PostgreSQL allows a hacker to exploit the protected information.

The vulnerability in the implementation of PreparedStatement.setText or PreparedStatement.setBytea methods of the PgJDBC driver for connecting Java programs to PostgreSQL lies in the use of insecure temporary files. Exploiting this vulnerability could allow an attacker to disclose sensitive...

5.5CVSS6.2AI score0.0048EPSS
Exploits1References8Affected Software4
Positive Technologies
Positive Technologies
added 2022/11/23 12:0 a.m.6 views

PT-2022-5790 · Pgjdbc +8 · Pgjdbc +8

Name of the Vulnerable Software and Affected Versions: pgjdbc versions prior to 4.5.0 Description: The issue is related to the implementation of the PreparedStatement.setText or PreparedStatement.setBytea methods in the PgJDBC driver, which can lead to the creation of temporary files that are...

10CVSS6.7AI score0.0481EPSS
Exploits3References74
BDU FSTEC
BDU FSTEC
added 2020/02/11 12:0 a.m.5 views

The vulnerability of the set_text_free function in the Netwide Assembler (NASM) assembly language allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the settextfree function in the Netwide Assembler NASM is related to the execution of operations outside the buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS7.3AI score0.00837EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/12/10 12:0 a.m.7 views

The vulnerability of the set_text_distance function in the pdfwrite component of the software for processing, transforming, and generating Ghostscript documents allows a hacker to trigger a service failure.

The vulnerability of the settextdistance function in the pdfwrite component of the Ghostscrip software suite for document processing, conversion, and generation is related to an error that causes an attempt to output an infinite number of items. Exploiting this vulnerability could allow a malicio...

7.8CVSS7.1AI score0.01905EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2018/04/23 12:0 a.m.3 views

Ghostscript Arbitrary Code Execution Vulnerability

Artifex Ghostscript is the United States Artifex Software, Inc. of an open source PostScript a page description language used in the electronic industry and desktop publishing and programming languages parser, which can display Postscript files and print on non-Postscript printer. pdfwrite is one...

7.8CVSS7.2AI score0.01905EPSS
Exploits0References1
OSV
OSV
added 2018/04/18 9:29 p.m.4 views

ALPINE-CVE-2018-10194

The settextdistance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impac...

7.8CVSS7.5AI score0.01905EPSS
Exploits0References1
OSV
OSV
added 2018/04/18 12:0 a.m.6 views

UBUNTU-CVE-2018-10194

The settextdistance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impac...

7.8CVSS7.2AI score0.01905EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2010/06/22 10:29 p.m.7 views

nsGenericDOMDataNode:: SetTextInternal

Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a...

9.3CVSS8.2AI score0.04879EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2005/08/10 5:28 p.m.4 views

security flaw

Format string vulnerability in the protoitemsettext function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet...

7.5CVSS6AI score0.06143EPSS
Exploits0References4
Rows per page
Query Builder