152 matches found
Security update for ghostscript
This update for ghostscript fixes the following issues: CVE-2025-27831: Fixed text buffer overflow in DOCXWRITE TXTWRITE device via long characters to devices/vector/doccommon.c bsc1240075 CVE-2025-27832: Fixed compression buffer overflow in NPDL device for contrib/japanese/gdevnpdl.c bsc1240077...
Security update for ghostscript
This update for ghostscript fixes the following issues: CVE-2025-27831: Fixed text buffer overflow in DOCXWRITE TXTWRITE device via long characters to devices/vector/doccommon.c bsc1240075 CVE-2025-27832: Fixed compression buffer overflow in NPDL device for contrib/japanese/gdevnpdl.c bsc1240077...
ALPINE-CVE-2025-27835
An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c...
DEBIAN-CVE-2025-27835
An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c...
UBUNTU-CVE-2025-27835
An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c...
Artifex Ghostscript 安全漏洞
Artifex Ghostscript is a free software package from Artifex, Inc. based on Adobe, PostScript, and the Portable Document Format page description language. A security vulnerability exists in Artifex Ghostscript prior to version 10.05.0, which is caused by a buffer overflow when converting glyphs to...
CVE-2025-27835
An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c...
CVE-2025-27835
CVE-2025-27835 affects Ghostscript prior to 10.05.0. The issue is a buffer overflow that occurs when converting glyphs to Unicode in the code path psi/zbfont.c, caused by a mismatch in how data is copied (bytes vs. shorts). The vulnerability concerns the Ghostscript PostScript/PDF interpreter and...
CVE-2025-27835
An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c...
DEBIAN-CVE-2025-2173
A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbistrndupiconvucs2 of the file src/conv.c. The manipulation of the argument srclength leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names bsc1233285. CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict bsc1233292. CVE-2024-52532: Fixed infini...
Security update for libsoup2
This update for libsoup2 fixes the following issues: CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names bsc1233285 CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict bsc1233292 CVE-2024-52532: Fixed infinit...
glibc: Out of bounds write in iconv may lead to remote code execution
An out-of-bounds write flaw was found in the ISO-2022-CN-EXT plugin for glibc's iconv library. When converting from UCS4 charset, adding certain escape charterers is required to indicate where the charset was changed to the library. During this process, iconv improperly checks the boundaries of...
RHEL 5 : unixodbc (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - unixODBC: Insecure buffer copy in SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c CVE-2018-7485 - ...
SUSE CVE-2005-0592
Heap-based buffer overflow in the UTF8ToNewUnicode function for Firefox before 1.0.1 and Mozilla before 1.7.6 might allow remote attackers to cause a denial of service crash or execute arbitrary code via invalid sequences in a UTF8 encoded string that result in a zero length value...
SUSE CVE-2008-5557
Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilterhtmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is not properly handled during Unicode conversion,...
SUSE CVE-2009-0153
International Components for Unicode ICU 4.0, 3.6, and other 3.x versions, as used in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Fedora 9 and 10, and possibly other operating systems, does not properly handle invalid byte sequences...
SUSE CVE-2016-5270
Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to cause a denial of service boolean out-of-bounds write or possibly have unspecified other impact v...
SUSE CVE-2022-25309
A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidicaprtltounicode function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash and...
CVE-2022-25309
A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidicaprtltounicode function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash and...