CVE-2026-6231

The bsonvalidate function may return early on specific inputs and incorrectly report success. This behavior could result in skipping validation for BSON data, allowing malformed or invalid UTF-8 sequences to bypass validation and be processed incorrectly. The issue may affect applications that re...

Numeric Truncation Error

Overview Affected versions of this package are vulnerable to Numeric Truncation Error due to improper conversion of string length from an int64/int32 to an int16 without checks for overflows. values in the process handling UTF-8 encoded data. An attacker can cause packet corruption or unintended...

libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict

A flaw was found in the libsoup library. Decoding specially crafted UTF-8 input data with the soupheaderparseparamliststrict function can cause a heap-based buffer overflow, potentially resulting in code execution and denial of service to applications linked to the library...

SUSE CVE-2022-40960

Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...

ALPINE-CVE-2020-7046

lib-smtp in submission-login and lmtp in Dovecot 2.3.9 before 2.3.9.3 mishandles truncated UTF-8 data in command parameters, as demonstrated by the unauthenticated triggering of a submission-login infinite loop...

DEBIAN-CVE-2016-6263

The stringpreputf8nfkcnormalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via crafted UTF-8 data...

UBUNTU-CVE-2016-6263

The stringpreputf8nfkcnormalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via crafted UTF-8 data...

Perl Denial of Service Vulnerability (CNVD-2016-03650)

Perl is a free and powerful cross-platform programming language developed by American programmer Larry Wall. A denial of service vulnerability exists in the 'Sreghop3', 'Sreghop4', and 'Sreghopmaybe3' functions in the regexec.c file in Perl 5.23.9 and earlier versions. ' functions contain denial ...

UBUNTU-CVE-2015-8853

The 1 Sreghop3, 2 Sreghop4, and 3 Sreghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service infinite loop via crafted utf-8 data, as demonstrated by "a\x80."...

UBUNTU-CVE-2016-4574

Off-by-one error in the appendutf8value function in the DN decoder dn.c in Libksba before 1.3.4 allows remote attackers to cause a denial of service out-of-bounds read via invalid utf-8 encoded data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-4356...

PT-2016-5902 · Kde +2 · Libksba +2

Name of the Vulnerable Software and Affected Versions: Libksba versions prior to 1.3.3 Description: The issue allows remote attackers to cause a denial of service, specifically an out-of-bounds read, by manipulating the high bit of the byte after invalid utf-8 encoded data in the append utf8 valu...

DEBIAN-CVE-2002-0703

An interaction between the Perl MD5 module perl-Digest-MD5 and Perl could produce incorrect MD5 checksums for UTF-8 data, which could prevent a system from properly verifying the integrity of the data...