10 matches found
Astra Linux - уязвимость в aspell
The libaspell.a module in GNU Aspell prior to version 0.60.8 has a stack-based buffer overflow issue in the common::unescape function within common/getdata.cpp, caused by an isolated \ character...
Denial Of Service (DoS)
github.com/mattermost/mattermost-server is vulnerable to Denial Of Service DoS. The vulnerability exists because the Unescape function of inlines.go does not efficiently process Markdown strings, allowing an attacker to cause an application crash by sending a direct message containing a large...
SUSE CVE-2010-0416
Buffer overflow in the Unescape function in common/util/hxurl.cpp and player/hxclientkit/src/CHXClientSink.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a URL argument containing a % percent...
SUSE CVE-2016-7167
Multiple integer overflows in the 1 curlescape, 2 curleasyescape, 3 curlunescape, and 4 curleasyunescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a heap-based buffer overflow...
SUSE CVE-2019-17544
libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character...
GNU Aspell Buffer Overflow Vulnerability
GNU Aspell is a free, open source spell checker. A stack buffer overflow vulnerability exists in acommon::unescape in common/getdata.cpp in libaspell.a in versions prior to GNU Aspell 0.60.8, which can be exploited by an attacker to cause, among other things, a buffer overflow or heap overflow...
cmseasy最新版存储型XSS+代码分析(可绕过xss防护机制)
简要描述: cmseasy 5.5.0.20140605 详细说明: bbs/ajax.php $data = array; $POST'content' = unescape$POST'content'; $data'aid' = isset$POST'aid' ? intval$POST'aid' : exit0; $data'tid' = isset$POST'tid' ? intval$POST'tid' : 0; $data'content' = isset$POST'content' ? $POST'content' : exit0; $data'username' =...
CVE-2010-0416
Buffer overflow in the Unescape function in common/util/hxurl.cpp and player/hxclientkit/src/CHXClientSink.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a URL argument containing a % percent...
CVE-2010-0416
Buffer overflow in the Unescape function in common/util/hxurl.cpp and player/hxclientkit/src/CHXClientSink.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a URL argument containing a % percent...
RealPlayer: URL unescape buffer overflow
Buffer overflow in the Unescape function in common/util/hxurl.cpp and player/hxclientkit/src/CHXClientSink.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a URL argument containing a % percent...