5380 matches found
EUVD-2021-34075
Malicious code in bioql PyPI...
EUVD-2022-43125
Malicious code in bioql PyPI...
EUVD-2025-26756
Malicious code in bioql PyPI...
EUVD-2025-9300
Malicious code in bioql PyPI...
RLSA-2025:11888 Moderate: icu security update
The International Components for Unicode ICU library provides robust and full-featured Unicode services. Security Fixes: icu: Stack buffer overflow in the SRBRoot::addTag function CVE-2025-5222 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...
CVE-2025-61582
TS3 Manager is modern web interface for maintaining Teamspeak3 servers. A Denial of Dervice vulnerability has been identified in versions 2.2.1 and earlier. The vulnerability permits an unauthenticated actor to crash the application through the submission of specially crafted Unicode input,...
CVE-2025-61582 Ts3 Manager: Unauthenticated Denial of Service possible through specially crafted Unicode input
TS3 Manager is modern web interface for maintaining Teamspeak3 servers. A Denial of Dervice vulnerability has been identified in versions 2.2.1 and earlier. The vulnerability permits an unauthenticated actor to crash the application through the submission of specially crafted Unicode input,...
CVE-2025-61582 Ts3 Manager: Unauthenticated Denial of Service possible through specially crafted Unicode input
TS3 Manager is modern web interface for maintaining Teamspeak3 servers. A Denial of Dervice vulnerability has been identified in versions 2.2.1 and earlier. The vulnerability permits an unauthenticated actor to crash the application through the submission of specially crafted Unicode input,...
CVE-2025-61582 Ts3 Manager: Unauthenticated Denial of Service possible through specially crafted Unicode input
TS3 Manager is modern web interface for maintaining Teamspeak3 servers. A Denial of Dervice vulnerability has been identified in versions 2.2.1 and earlier. The vulnerability permits an unauthenticated actor to crash the application through the submission of specially crafted Unicode input,...
CVE-2025-61582
TS3 Manager (Teamspeak3 server UI) is affected by CVE-2025-61582: an unauthenticated denial-of-service via specially crafted Unicode input submitted to the Server field on the login page. The root cause is improper handling of Unicode tag characters during ASCII conversion, causing an unhandled e...
ts3-manager 输入验证错误漏洞
ts3-manager is a web interface for maintaining the Teamspeak3 server by Jonathan Personal Developer. An input validation error vulnerability exists in ts3-manager version 2.2.1 and earlier, which stems from Unicode tagged characters not being handled correctly during the ASCII conversion process,...
PT-2025-40306
Name of the Vulnerable Software and Affected Versions TS3 Manager versions 2.2.1 and earlier Description TS3 Manager, a web interface for Teamspeak3 servers, contains a flaw that allows an unauthenticated attacker to terminate the application. This occurs by submitting specially crafted Unicode...
ROS-20250929-02
Vulnerability of SRBRoot::addTag function of the library for working with Unicode ICU is related to buffer copying without checking the size of the input data. Exploitation of the vulnerability could allow an attacker to execute arbitrary code and cause a crash. an attacker to execute arbitrary...
CVE-2025-59547
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 10.1.0, the CKEditor file upload endpoint has insufficient sanitization for filenames allowing probing network endpoints. A specially crafted request can be made to upload a...
GHSA-XFQM-J7PC-XRFC messageformat has a prototype pollution vulnerability
The messageformat package, an implementation of the Unicode MessageFormat 2 specification for JavaScript, is vulnerable to prototype pollution due to improper handling of message key paths in versions prior to 2.3.0. The flaw arises when processing nested message keys containing special character...
Improper Handling of Unicode Encoding
Overview DotNetNuke.Core is a references provider to the DotNetNuke.dll to develop extensions for the DNN Platform. Affected versions of this package are vulnerable to Improper Handling of Unicode Encoding in the CKEditor file upload endpoint. An attacker can probing internal network endpoints by...
CVE-2025-59547
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 10.1.0, the CKEditor file upload endpoint has insufficient sanitization for filenames allowing probing network endpoints. A specially crafted request can be made to upload a...
CVE-2025-59547
DNN (DotNetNuke) before version 10.1.0 has a vulnerability in the CKEditor file upload endpoint where filename sanitization allows Unicode-based path traversal that could expose internal network resources. Affected component: CKEditor file upload handler (/api/v1/upload as per PT security doc). I...
CVE-2025-59547 DNN's CKEditor File Uploader functionality vulnerable through Unicode obfuscation
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 10.1.0, the CKEditor file upload endpoint has insufficient sanitization for filenames allowing probing network endpoints. A specially crafted request can be made to upload a...
CVE-2025-59547 DNN's CKEditor File Uploader functionality vulnerable through Unicode obfuscation
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 10.1.0, the CKEditor file upload endpoint has insufficient sanitization for filenames allowing probing network endpoints. A specially crafted request can be made to upload a...