OSV-2021-841 Heap-use-after-free in AK::StringImpl::create

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34973 Crash type: Heap-use-after-free READ Crash state: AK::StringImpl::create AK::String::String AK::URLParser::parsedataurl...

OSV-2021-830 Heap-use-after-free in AK::Utf8CodePointIterator::operator*

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34911 Crash type: Heap-use-after-free READ 1 Crash state: AK::Utf8CodePointIterator::operator AK::URLParser::parse AK::URL::URL...

Null pointer dereference

The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 Note 3 and SM-G920F build G920FXXU2COH2 Galaxy S6 devices allows attackers to trigger a NULL pointer dereference via a "GET HTTP/1.1" request, aka SVE-2016-5036...

CVE-2010-2477

Multiple cross-site scripting XSS vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving a 404 status code, related to 1 paste.urlparser.StaticURLParser, 2...

CVE-2010-2477

Multiple cross-site scripting XSS vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving a 404 status code, related to 1 paste.urlparser.StaticURLParser, 2...