Linux Distros Unpatched Vulnerability : CVE-2026-39824

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NewNTUnicodeString does not check for string length overflow. When provided with a string that overflows the maximum size of a NTUnicodeString a 16-bit number o...

CLSA-2026-1778492641 perl: Fix of 2 CVEs

CVE-2023-47038: fix write past buffer end via illegal user-defined Unicode property, for almalinux9.2esu - CVE-2025-40909: clone dirhandles without fchdir, for almalinux9.2esu...

CLSA-2026-1774363216 vim: Fix of 3 CVEs

CVE-2026-28420: fix heap-buffer-overflow in :terminal when processing Unicode combining characters from supplementary planes - CVE-2026-28418: fix OOB read in Emacs tags parsing with overlong tag file - CVE-2026-28419: fix heap-buffer-underflow in Emacs tags parsing when delimiter appears at...

Security update for glib2

This update for glib2 fixes the following issues: CVE-2026-1485: Fixed buffer underflow and out-of-bounds access due to integer wraparound in content type parsing bsc1257354. CVE-2026-1484: Fixed buffer underflow and out-of-bounds access due to miscalculated buffer boundaries in the Base64 encodi...

MiracleLinux 8 : nodejs:10 (AXSA:2020-281:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-281:01 advisory. ICU: Integer overflow in UnicodeString::doAppend CVE-2020-10531 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : icu-60.3-2.el8 (AXSA:2020-131:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-131:03 advisory. ICU: Integer overflow in UnicodeString::doAppend CVE-2020-10531 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 4 : firefox-60.3.0-1.0.1.AXS4 (AXSA:2018-3377:08)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2018-3377:08 advisory. Mozilla: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3 CVE-2018-12390 Mozilla: Crash with nested event loops CVE-2018-12392 Mozilla:...

CVE-2026-21491

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. A vulnerability present in versions prior to 2.3.1.2 affects users of the iccDEV library who process ICC color profiles. It...

CVE-2026-21491

CVE-2026-21491 affects iccDEV libraries prior to version 2.3.1.2. The vulnerability is a Unicode buffer overflow in CIccTagTextDescription when processing ICC color profiles. Version 2.3.1.2 contains a patch; no workarounds are noted in the provided documents. Remediate by upgrading to 2.3.1.2 or...

CVE-2026-21491 iccDEV has unicode buffer overflow in CIccTagTextDescription

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. A vulnerability present in versions prior to 2.3.1.2 affects users of the iccDEV library who process ICC color profiles. It...

CVE-2010-20042

Xion Audio Player versions 1.0.126 and prior are vulnerable to a Unicode-based stack buffer overflow triggered by opening a specially crafted .m3u playlist file. The file contains an overly long string that overwrites the Structured Exception Handler SEH chain, allowing an attacker to hijack...

XAMPPv3.3.0-BOF

XAMPPv3.3.0-BOF Proof-of-Concept exploit code for XAMPP v3.3.0...

ICU: Integer overflow in UnicodeString::doAppend()

An issue was discovered in International Components for Unicode ICU for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend function in common/unistr.cpp...

ALPINE-CVE-2020-10531

An issue was discovered in International Components for Unicode ICU for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend function in common/unistr.cpp...

SUSE-SU-2018:3749-2 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Security issues fixed: - Update to Mozilla Firefox 60.3.0esr: MFSA 2018-27 bsc1112852 - CVE-2018-12392: Crash with nested event loops. - CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript. - CVE-2018-12395...

Adobe Photoshop CS5.1 U3D.8BI Collada Asset Elements Stack Overflow

Exploit for windows platform in category local exploits ?php // Adobe Photoshop CS5.1 U3D.8bi Library Collada Asset Elements // Unicode Conversion Stack Based Buffer Overflow poc .dae // 32bit/SEH // // unicode overflow occurs when overlong asset elements are processed // one could be able to...

RadASM 2.2.1.5 .mnu Local Unicode Overflow

============================================================================= » RadASM 2.2.1.5 .mnu File Local Unicode Overflow Poc SEH » By : SkuLL-HacKeR » Email : [email protected] & [email protected] » Note : Hacker R0x Lamerz S3 x...

python: stringobject, unicodeobject integer overflows

Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by 1 the stringexpandtabs function in Objects/stringobject.c and 2 the...

Quick 'n Easy FTP Server pro/lite Logging unicode stack overflow

IHS Iran Homeland Security Public advisory by : c0d3r "Kaveh Razavi" [email protected] Title : Quick 'n Easy FTP Server pro/lite Logging unicode stack overflow information : Quick 'n Easy FTP Server is a simple and handy FTP server which is developed by Pablo van der Meer . there is a unicode...

Windows mplay32 buffer overflow

Microsoft is aware of the vulnerability. Since this successful remote exploitation of this vulnerability depends on other mitigating factors, Microsoft believes it is not worthy of a bulletin. This overflow will be fixed in XP service pack 1. I will explain my understanding of the vulnerability...