CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Xen Security Advisory 474 v2 CVE-2025-58146 - XAPI UTF-8 string handling https://t.co/J86NHa4URx Buggy or malicious inputs to XAPI can cause a Denial of Service 3/3...

6.8AI score

Exploits0References1

CNNVD•added 2025/09/09 12:0 a.m.•1 views

Xen Security Vulnerabilities

Xen is an open source virtual machine monitor product from Xen Open Source. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in Xen, which stems from the...

5.8AI score

Exploits0References1

OSV•added 2024/05/30 12:17 p.m.•7 views

SUSE-SU-2024:1862-1 Security update for python

This update for python fixes the following issues: - CVE-2023-52425: Fixed using the system libexpat bsc1219559. - CVE-2023-27043: Modifed fix for unicode string handling in email.utils.parseaddr bsc1222537. - CVE-2022-48560: Fixed use-after-free in Python via heappushpop in heapq bsc1214675. -...

7.5CVSS6.7AI score0.01552EPSS

Exploits3References11

Positive Technologies•added 2023/09/24 12:0 a.m.•2 views

PT-2023-36038 · Icu · Icu

Name of the Vulnerable Software and Affected Versions: icu 74 affected versions not specified Description: The issue is related to a crash in the icu 74 library, specifically in the UnicodeString class. The crash occurs when the copyFrom function is called, leading to a segmentation fault on an...

6.8AI score

Exploits0References2

SUSE CVE•added 2023/02/15 6:7 a.m.•3 views

SUSE CVE-2008-3142

Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service crash or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicoderesize...

7.5CVSS7.3AI score0.00998EPSS

Exploits3References5

SUSE CVE•added 2023/02/15 5:51 a.m.•1 views

SUSE CVE-2011-2932

Cross-site scripting XSS vulnerability in activesupport/lib/activesupport/coreext/string/outputsafety.rb in Ruby on Rails 2.x before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject arbitrary web script or HTML via a malformed Unicode string, related to a...

4.3CVSS6.7AI score0.00813EPSS

Exploits0References5

SUSE CVE•added 2023/02/15 4:29 a.m.•2 views

SUSE CVE-2018-7438

An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the parseunicodestring function...

8.8CVSS7.3AI score0.00665EPSS

Exploits1References5

Amazon•added 2023/01/20 12:0 a.m.•76 views

Low: unzip

Issue Overview: A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. CVE-2021-4217 A flaw was found i...

5.5CVSS6AI score0.00242EPSS

Exploits3

OpenVAS•added 2022/01/28 12:0 a.m.•15 views

Mageia: Security Advisory (MGASA-2017-0473)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.9CVSS5.2AI score0.0054EPSS

Exploits0References5

BDU FSTEC•added 2022/01/17 12:0 a.m.•1 views

The vulnerability of the NTFS file system driver for the FUSE NTFS-3G module, related to writing beyond the buffer boundary, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the NTFS file system driver for the FUSE NTFS-3G module is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures through a specially created Unicod...

7.8CVSS6.8AI score0.00128EPSS

Exploits0References12Affected Software5

Microsoft CVE•added 2021/12/16 8:0 a.m.•1 views

In NTFS-3G versions < 2021.8.22 when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution.

...

7.8CVSS8.5AI score0.00128EPSS

Exploits0

OSV•added 2021/09/30 11:3 a.m.•2 views

OESA-2021-1365 ntfs-3g security update

NTFS-3G is a stable, open source, GPL licensed, POSIX, read/write NTFS driver for Linux and many other operating systems. It provides safe handling of the Windows XP, Windows Server 2003, Windows 2000, Windows Vista, Windows Server 2008 and Windows 7 NTFS file systems. Security Fixes: In NTFS-3G...

7.8CVSS8AI score0.00162EPSS

Exploits0References22