TencentOS Server 4: python3.11 (TSSA-2025:0531)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0531 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVE-2011-10025

Subtitle Processor 7.7.1 contains a buffer overflow vulnerability in its .m3u file parser. When a crafted playlist file is opened, the application converts input to Unicode and copies it to a fixed-size stack buffer without proper bounds checking. This allows an attacker to overwrite the Structur...

CVE-2010-20042

Xion Audio Player versions 1.0.126 and prior are vulnerable to a Unicode-based stack buffer overflow triggered by opening a specially crafted .m3u playlist file. The file contains an overly long string that overwrites the Structured Exception Handler SEH chain, allowing an attacker to hijack...

CVE-2010-20042

Xion Audio Player versions 1.0.126 and prior are vulnerable to a Unicode-based stack buffer overflow triggered by opening a specially crafted .m3u playlist file. The file contains an overly long string that overwrites the Structured Exception Handler SEH chain, allowing an attacker to hijack...

CVE-2010-20042 Xion Audio Player ≤ 1.0.126 Unicode Stack Buffer Overflow

Xion Audio Player versions 1.0.126 and prior are vulnerable to a Unicode-based stack buffer overflow triggered by opening a specially crafted .m3u playlist file. The file contains an overly long string that overwrites the Structured Exception Handler SEH chain, allowing an attacker to hijack...

CVE-2010-20042 Xion Audio Player ≤ 1.0.126 Unicode Stack Buffer Overflow

Xion Audio Player versions 1.0.126 and prior are vulnerable to a Unicode-based stack buffer overflow triggered by opening a specially crafted .m3u playlist file. The file contains an overly long string that overwrites the Structured Exception Handler SEH chain, allowing an attacker to hijack...

CVE-2010-20042

CVE-2010-20042 affects Xion Audio Player prior to version 1.0.126, which is vulnerable to a Unicode-based stack buffer overflow triggered by processing specially crafted .m3u playlists. The overflow overwrites the SEH chain, allowing an attacker to hijack execution flow and run arbitrary code. Im...

CVE-2011-10025

Subtitle Processor 7.7.1 contains a buffer overflow vulnerability in its .m3u file parser. When a crafted playlist file is opened, the application converts input to Unicode and copies it to a fixed-size stack buffer without proper bounds checking. This allows an attacker to overwrite the Structur...

CVE-2011-10025

Subtitle Processor 7.7.1 contains a buffer overflow in the .m3u file parser. A crafted playlist triggers Unicode conversion and copies input to a fixed-size stack buffer, allowing overwriting the Structured Exception Handler (SEH) and enabling arbitrary code execution. Root cause: insufficient bo...

CVE-2011-10025 Subtitle Processor 7.7.1 .m3u SEH Unicode Buffer Overflow

Subtitle Processor 7.7.1 contains a buffer overflow vulnerability in its .m3u file parser. When a crafted playlist file is opened, the application converts input to Unicode and copies it to a fixed-size stack buffer without proper bounds checking. This allows an attacker to overwrite the Structur...

CVE-2011-10025 Subtitle Processor 7.7.1 .m3u SEH Unicode Buffer Overflow

Subtitle Processor 7.7.1 contains a buffer overflow vulnerability in its .m3u file parser. When a crafted playlist file is opened, the application converts input to Unicode and copies it to a fixed-size stack buffer without proper bounds checking. This allows an attacker to overwrite the Structur...

Xion Audio Player 安全漏洞

Xion Audio Player is an audio player from Xion Audio Player, Inc. A security vulnerability exists in Xion Audio Player versions prior to 1.0.126, which stems from a Unicode-based stack buffer overflow when processing specially crafted .m3u playlist files, which could lead to the execution of...

PT-2025-34096

Name of the Vulnerable Software and Affected Versions Xion Audio Player versions prior to 1.0.126 Description A Unicode-based stack buffer overflow occurs when opening a specially crafted .m3u playlist file. The file contains an excessively long string that overwrites the Structured Exception...

Linux Distros Unpatched Vulnerability : CVE-2021-37712

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The npm package tar aka node-tar before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability...

Photon OS 5.0: Icu PHSA-2025-5.0-0578

An update of the icu package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0578. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid25227...

Linux Distros Unpatched Vulnerability : CVE-2017-15396

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack buffer overflow in NumberingSystem in International Components for Unicode ICU for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202....

Linux Distros Unpatched Vulnerability : CVE-2025-4516

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is an issue in CPython when using bytes.decodeunicodeescape, error=ignore|replace. If you are not using the unicodeescape encoding or an error handler you...

Photon OS 4.0: Icu PHSA-2025-4.0-0846

An update of the icu package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0846. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid25226...

CLSA-2025-1755270833 Fix CVE(s): CVE-2025-1795

SECURITY UPDATE: incorrect unicode encoding of separating comma in folded address list - debian/patches/CVE-2025-1795.patch: Fix misfolding of comma in address- lists over multiple lines in combination with unicode encoding - CVE-2025-1795...

libxml2: Out-of-Bounds Read in libxml2

A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can...