Huawei EulerOS: Security Advisory for icu (EulerOS-SA-2025-2579)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-14744

Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files of an unexpected file type. This vulnerability was fixed in Firefox for iOS 144.0...

UBUNTU-CVE-2025-14744

Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files of an unexpected file type. This vulnerability affects Firefox for iOS 144.0...

CVE-2025-14744

Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files of an unexpected file type. This vulnerability was fixed in Firefox for iOS 144.0...

CVE-2025-14744

CVE-2025-14744 concerns Unicode RTLO spoofing in Firefox for iOS prior to version 144.0. The issue allows a malicious website to render spoofed filenames in the downloads UI, potentially misleading users into saving files with an unintended file type. Affected product: Firefox for iOS

CVE-2025-14744 Filename spoofing via Unicode Right-to-Left Override in Firefox for iOS

Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files of an unexpected file type. This vulnerability was fixed in Firefox for iOS 144.0...

CVE-2025-14744

Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files of an unexpected file type. This vulnerability was fixed in Firefox for iOS 144.0...

cpython: python: CPython DecodeError Handling Vulnerability

A vulnerability has been identified in CPython's bytes.decode function when used with the "unicodeescape" encoding and the "ignore" or "replace" error handling modes. This flaw can result in the incorrect decoding of byte strings. While this may not directly lead to traditional security breaches...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 144.0, which stems from improper handling of Unicode RTLO characters and can lead to filename spoofing attacks...

EulerOS Virtualization 2.13.0 : icu (EulerOS-SA-2025-2579)

According to the versions of the icu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct...

EulerOS Virtualization 2.13.1 : icu (EulerOS-SA-2025-2544)

According to the versions of the icu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct...

GHSA-J5VQ-62GR-8V3R Mattermost fails to check Websocket request for proper UTF-8 format potentially crashing Calls plug-in

Mattermost versions 11.0.x = 11.0.4, 10.12.x = 10.12.2, 10.11.x = 10.11.6 fail to check WebSocket request field for proper UTF-8 format, which allows attacker to crash Calls plug-in via sending malformed request...

CVE-2025-6966

A flaw was found in python-apt. This vulnerability allows a local attacker to cause a denial of service Denial of Service process crash via a crafted deb822 file with a malformed non-UTF-8 key. Mitigation Mitigation for this issue is either not available or the currently available options do not...

Security and Detectability Analysis of Unicode Text Watermarking Methods against Large Language Models

Securing digital text is becoming increasingly relevant due to the widespread use of large language models. Individuals' fear of losing control over data when it is being used to train such machine learning models or when distinguishing model-generated output from text written by humans. Digital...

Security update for rhino

This update for rhino fixes the following issues: Update to version 1.7.15.1. Security issues fixed: CVE-2025-66453: high CPU consumption when processing specific numbers via the toFixed function bsc1254481. Other changes and issues fixed: Version 1.7.15: Basic support for "rest parameters"...

SUSE-SU-2025:4390-1 Security update for rhino

This update for rhino fixes the following issues: Update to version 1.7.15.1. Security issues fixed: - CVE-2025-66453: high CPU consumption when processing specific numbers via the toFixed function bsc1254481. Other changes and issues fixed: - Version 1.7.15: Basic support for 'rest parameters'...

Incomplete Filtering

validator is vulnerable to Incomplete Filtering.The vulnerability is due to improper handling of Unicode variation selectors \uFE0F, \uFE0E, where these characters are not counted toward string length, allowing attackers to submit inputs far longer than intended and potentially causing data...

Exploit for CVE-2025-12758

CVE-2025-12758: Validator.js isLength Unicode Variation Sele...

EulerOS 2.0 SP11 : python3 (EulerOS-SA-2025-2488)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself ...

EulerOS 2.0 SP13 : python3 (EulerOS-SA-2025-2529)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself ...