Lucene search
K

152 matches found

SUSE Linux
SUSE Linux
added 2025/04/03 11:53 a.m.1 views

Security update for ghostscript

This update for ghostscript fixes the following issues: CVE-2025-27831: Fixed text buffer overflow in DOCXWRITE TXTWRITE device via long characters to devices/vector/doccommon.c bsc1240075 CVE-2025-27832: Fixed compression buffer overflow in NPDL device for contrib/japanese/gdevnpdl.c bsc1240077...

7.1CVSS7.1AI score0.00806EPSS
Exploits0References16
SUSE Linux
SUSE Linux
added 2025/04/02 2:49 p.m.1 views

Security update for ghostscript

This update for ghostscript fixes the following issues: CVE-2025-27831: Fixed text buffer overflow in DOCXWRITE TXTWRITE device via long characters to devices/vector/doccommon.c bsc1240075 CVE-2025-27832: Fixed compression buffer overflow in NPDL device for contrib/japanese/gdevnpdl.c bsc1240077...

7.1CVSS7.8AI score0.00806EPSS
Exploits0References16
OSV
OSV
added 2025/03/25 9:15 p.m.2 views

ALPINE-CVE-2025-27835

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c...

7.8CVSS7.5AI score0.00288EPSS
Exploits0References1
OSV
OSV
added 2025/03/25 9:15 p.m.0 views

DEBIAN-CVE-2025-27835

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c...

7.8CVSS6.8AI score0.00288EPSS
Exploits0References1
OSV
OSV
added 2025/03/25 9:15 p.m.2 views

UBUNTU-CVE-2025-27835

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c...

7.8CVSS7.3AI score0.00288EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/03/25 12:0 a.m.3 views

Artifex Ghostscript 安全漏洞

Artifex Ghostscript is a free software package from Artifex, Inc. based on Adobe, PostScript, and the Portable Document Format page description language. A security vulnerability exists in Artifex Ghostscript prior to version 10.05.0, which is caused by a buffer overflow when converting glyphs to...

7.8CVSS6.6AI score0.00288EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/25 12:0 a.m.18 views

CVE-2025-27835

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c...

0.00288EPSS
Exploits0References1
CVE
CVE
added 2025/03/25 12:0 a.m.139 views

CVE-2025-27835

CVE-2025-27835 affects Ghostscript prior to 10.05.0. The issue is a buffer overflow that occurs when converting glyphs to Unicode in the code path psi/zbfont.c, caused by a mismatch in how data is copied (bytes vs. shorts). The vulnerability concerns the Ghostscript PostScript/PDF interpreter and...

7.8CVSS7.3AI score0.00288EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2025/03/25 12:0 a.m.7 views

CVE-2025-27835

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c...

7.8CVSS7.7AI score0.00288EPSS
Exploits0
OSV
OSV
added 2025/03/11 7:15 a.m.2 views

DEBIAN-CVE-2025-2173

A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbistrndupiconvucs2 of the file src/conv.c. The manipulation of the argument srclength leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has...

7.5CVSS5.3AI score0.00563EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2025/02/03 9:17 a.m.3 views

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names bsc1233285. CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict bsc1233292. CVE-2024-52532: Fixed infini...

8.7CVSS7.8AI score0.00933EPSS
Exploits2References12
SUSE Linux
SUSE Linux
added 2024/12/17 8:53 a.m.4 views

Security update for libsoup2

This update for libsoup2 fixes the following issues: CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names bsc1233285 CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict bsc1233292 CVE-2024-52532: Fixed infinit...

8.7CVSS7.4AI score0.00933EPSS
Exploits2References12
RedHat Linux
RedHat Linux
added 2024/05/28 2:14 p.m.6 views

glibc: Out of bounds write in iconv may lead to remote code execution

An out-of-bounds write flaw was found in the ISO-2022-CN-EXT plugin for glibc's iconv library. When converting from UCS4 charset, adding certain escape charterers is required to indicate where the charset was changed to the library. During this process, iconv improperly checks the boundaries of...

7.3CVSS7.2AI score0.8833EPSS
Exploits16References5
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.22 views

RHEL 5 : unixodbc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - unixODBC: Insecure buffer copy in SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c CVE-2018-7485 - ...

10AI score0.03082EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:18 a.m.3 views

SUSE CVE-2005-0592

Heap-based buffer overflow in the UTF8ToNewUnicode function for Firefox before 1.0.1 and Mozilla before 1.7.6 might allow remote attackers to cause a denial of service crash or execute arbitrary code via invalid sequences in a UTF8 encoded string that result in a zero length value...

7.5CVSS8.1AI score0.03861EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:6 a.m.5 views

SUSE CVE-2008-5557

Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilterhtmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is not properly handled during Unicode conversion,...

10CVSS8.2AI score0.07371EPSS
Exploits2References6
SUSE CVE
SUSE CVE
added 2023/02/15 6:5 a.m.3 views

SUSE CVE-2009-0153

International Components for Unicode ICU 4.0, 3.6, and other 3.x versions, as used in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Fedora 9 and 10, and possibly other operating systems, does not properly handle invalid byte sequences...

4.3CVSS6AI score0.0368EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:1 a.m.1 views

SUSE CVE-2016-5270

Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to cause a denial of service boolean out-of-bounds write or possibly have unspecified other impact v...

9.8CVSS7.9AI score0.03931EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.2 views

SUSE CVE-2022-25309

A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidicaprtltounicode function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash and...

6.6CVSS7AI score0.00479EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2022/09/06 6:15 p.m.5 views

CVE-2022-25309

A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidicaprtltounicode function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash and...

5.5CVSS6.9AI score0.00479EPSS
Exploits1References7
Rows per page
Query Builder