152 matches found
OESA-2026-1080 assimp security update
Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A weakness has been identified in Op...
MiracleLinux 7 : firefox-60.3.0-1.0.1.el7.AXS7 (AXSA:2018-3376:08)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2018-3376:08 advisory. Mozilla: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3 CVE-2018-12390 Mozilla: Crash with nested event loops CVE-2018-12392 Mozilla:...
Slackware: Security Advisory (SSA:2026-009-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-11964
On Windows only, if libpcap needs to convert a Windows error message to UTF-8 and the message includes characters that UTF-8 represents using 4 bytes, utf16letoutf8truncated can write data beyond the end of the provided buffer...
[SECURITY] Fedora 43 Update: sigil-2.6.2-3.fc43
Sigil is a multi-platform WYSIWYG ebook editor. It is designed to edit books in ePub format. Now what does it have to offer... Full Unicode support: everything you see in Sigil is in UTF-16 Full EPUB spec support WYSIWYG editing Multiple Views: Book View, Code View and Split View Metadata editor...
UBUNTU-CVE-2025-40082
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplusuni2asc BUG: KASAN: slab-out-of-bounds in hfsplusuni2asc+0xa71/0xb90 fs/hfsplus/unicode.c:186 Read of size 2 at addr ffff8880289ef218 by task syz.6.248/14290 CPU: 0 UID: 0 PID: 14290...
CVE-2025-40082
CVE-2025-40082 targets the Linux kernel’s hfsplus code and causes a slab-out-of-bounds read in hfsplus_uni2asc() when listing extended attributes. The issue arises because the expected unicode buffer structure size varies (hfsplus_attr_unistr vs hfsplus_unistr), so a previous fix was insufficient...
EUVD-2017-2644
Malware in sbrugna...
EUVD-2007-4425
Malware in sbrugna...
EUVD-2018-13141
Malware in sbrugna...
EUVD-2007-4568
Malware in sbrugna...
EUVD-2025-8088
Malicious code in bioql PyPI...
cifs: prevent NULL pointer dereference in UTF16 conversion
...
CVE-2025-39838
CVE-2025-39838 (Linux kernel CIFS UTF16 conversion) Description context: A NULL pointer dereference can occur during UTF16 conversion in the CIFS code path of the Linux kernel. Specifically, a NULL value can be passed to __cifs_sfu_make_node, which then propagates to cifs_strndup_to_utf16 and eve...
Linux Distros Unpatched Vulnerability : CVE-2025-38713
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hfsplus: fix slab-out-of-bounds read in hfsplusuni2asc The hfsplusreaddir method is capable to crash by calling hfsplusuni2asc: 667.121659 T9805...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from hfsplus not checking Unicode conversion boundaries...
Linux Distros Unpatched Vulnerability : CVE-2018-11740
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libtskbase.a in The Sleuth Kit TSK from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the...
CVE-2011-10025
Subtitle Processor 7.7.1 contains a buffer overflow vulnerability in its .m3u file parser. When a crafted playlist file is opened, the application converts input to Unicode and copies it to a fixed-size stack buffer without proper bounds checking. This allows an attacker to overwrite the Structur...
CVE-2011-10025
Subtitle Processor 7.7.1 contains a buffer overflow in the .m3u file parser. A crafted playlist triggers Unicode conversion and copies input to a fixed-size stack buffer, allowing overwriting the Structured Exception Handler (SEH) and enabling arbitrary code execution. Root cause: insufficient bo...
CVE-2011-10025
Subtitle Processor 7.7.1 contains a buffer overflow vulnerability in its .m3u file parser. When a crafted playlist file is opened, the application converts input to Unicode and copies it to a fixed-size stack buffer without proper bounds checking. This allows an attacker to overwrite the Structur...