Lucene search
K

12 matches found

Cvelist
Cvelist
added yesterday11 views

CVE-2025-58146 XAPI UTF-8 string handling

There are multiple issues. 1. Updates to the XAPI database sanitise input strings, but try generating the notification using the unsanitised input. This causes the database's event thread to terminate and cease further processing. 2. XAPI's UTF-8 encoder implements v3.0 of the Unicode spec, but...

9.4CVSS
Exploits0References1
OSV
OSV
added 2026/06/19 8:47 p.m.6 views

GHSA-3J69-69WJ-XQX2 UltraJSON: Malformed/Truncated UTF-8 Accepted and Silently Rewritten in ujson.dumps()

Summary ujson.dumps or ujson.dump or ujson.encode have a rejectbytes=False option. When set, they may accept malformed or truncated UTF-8 byte sequences, silently rewriting them into different Unicode characters instead of rejecting them. This leads to input validation bypass and data integrity...

6.5CVSS5.7AI score0.00272EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.8 views

openSUSE 16 Security Update : opencc (openSUSE-SU-2026:20683-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20683-1 advisory. Update to version 1.2.0. Security issues fixed: - CVE-2025-15536: specifically crafted string can lead to out-of-bounds read bsc1256930. Other updates a...

5.5CVSS6.1AI score0.0023EPSS
Exploits1References3
CVE
CVE
added 2026/04/22 4:9 p.m.22 views

CVE-2026-35373

The CVE-2026-35373 issue affects the ln utility in uutils/coreutils. A logic error causes ln to reject source paths containing non-UTF‑8 filename bytes when using target-directory forms (for example, ln SOURCE... DIRECTORY). Unlike GNU ln, which treats filenames as raw bytes, the uutils implement...

5.5CVSS5.7AI score0.00121EPSS
Exploits1References1Affected Software1
SUSE Linux
SUSE Linux
added 2026/04/14 1:15 p.m.5 views

Security update for clamav

This update for clamav fixes the following issues: Update to clamav 1.5.2: CVE-2026-20031: improper error handling in the HTML CSS module when splitting UTF-8 strings can lead to denial of service conditions via a crafted HTML file bsc1259207. Non security issue: Support transactional updates...

6.9CVSS5.8AI score0.00414EPSS
Exploits0References10
AlpineLinux
AlpineLinux
added 2026/03/04 5:17 p.m.8 views

CVE-2026-20031

A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit th...

5.3CVSS5.8AI score0.00414EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.5 views

PT-2026-22974

Name of the Vulnerable Software and Affected Versions ClamAV versions prior to 1.5.2 ClamAV versions prior to 1.4.4 Description A flaw exists in the HTML Cascading Style Sheets CSS module of ClamAV that could allow a remote, unauthenticated attacker to cause a denial of service DoS condition. Thi...

5.3CVSS5.9AI score0.00414EPSS
Exploits0References28
CNNVD
CNNVD
added 2025/04/26 12:0 a.m.5 views

Artifex Ghostscript 安全漏洞

Artifex Ghostscript is a set of free software compiled by Artifex, Inc. based on Adobe, PostScript, and the Page Description Language for Portable Document Format PDL. A security vulnerability exists in Artifex Ghostscript versions prior to 10.05.0, which stems from the improper handling of long...

4.5CVSS4.6AI score0.00156EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/04/28 4:42 p.m.5 views

expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution

A flaw was found in expat. Passing malformed 2- and 3-byte UTF-8 sequences for example, from start tag names to the XML processing application on top of expat can lead to arbitrary code execution. This issue is dependent on how invalid UTF-8 is handled inside the XML processor...

9.8CVSS7.5AI score0.04955EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/03/16 4:21 p.m.3 views

expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution

A flaw was found in expat. Passing malformed 2- and 3-byte UTF-8 sequences for example, from start tag names to the XML processing application on top of expat can lead to arbitrary code execution. This issue is dependent on how invalid UTF-8 is handled inside the XML processor...

9.8CVSS7.5AI score0.04955EPSS
Exploits0References5
OSV
OSV
added 2017/12/20 12:0 a.m.5 views

UBUNTU-CVE-2017-17784

In GIMP 2.8.22, there is a heap-based buffer over-read in loadimage in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data...

7.8CVSS6.9AI score0.01463EPSS
Exploits0References7
OSV
OSV
added 2006/10/24 6:7 p.m.1 views

DEBIAN-CVE-2006-4573

Multiple unspecified vulnerabilities in the "utf8 combining characters handling" utf8handlecomb function in encoding.c in screen before 4.0.3 allows user-assisted attackers to cause a denial of service crash or hang via certain UTF8 sequences...

2.6CVSS6.9AI score0.02113EPSS
Exploits1References1
Rows per page
Query Builder