Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2026/04/22 4:7 p.m.5 views

CVE-2026-35346 uutils coreutils comm Silent Data Corruption via Lossy UTF-8 Normalization

The comm utility in uutils coreutils silently corrupts data by performing lossy UTF-8 conversion on all output lines. The implementation uses String::fromutf8lossy, which replaces invalid UTF-8 byte sequences with the Unicode replacement character U+FFFD. This behavior differs from GNU comm, whic...

3.3CVSS5.8AI score0.00176EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.8 views

PT-2026-34482

Name of the Vulnerable Software and Affected Versions uutils coreutils affected versions not specified Description The comm utility silently corrupts data by performing lossy UTF-8 conversion on all output lines. The implementation utilizes the String::from utf8 lossy function, which replaces...

3.3CVSS6AI score0.00176EPSS
Exploits1References16
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-35749

Malicious code in bioql PyPI...

5.5CVSS5.8AI score0.00272EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/07/18 3:15 p.m.8 views

CVE-2023-31441

In NATO Communications and Information Agency anet aka Advisor Network through 3.3.0, an attacker can provide a crafted JSON file to sanitizeJson and cause an exception. This is related to the U+FFFD Unicode replacement character. A for loop does not consider that a data structure is being modifi...

5.5CVSS6.1AI score0.00272EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:59 a.m.6 views

SUSE CVE-2010-1210

intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 inserts a U+FFFD sequence into text in certain circumstances involving undefined positions, which might make it easier for remote attackers to conduct cross-site scripting XSS attacks via crafte...

4.3CVSS8AI score0.01342EPSS
Exploits1References5
Rows per page
Query Builder