19 matches found
EUVD-2010-4622
Malware in sbrugna...
EUVD-2015-1740
Malware in sbrugna...
CVE-2020-36213
An issue was discovered in the abistable crate before 0.9.1 for Rust. A retain call can create an invalid UTF-8 string, violating soundness...
GHSA-WQXC-QRQ4-W5V4 Update unsound DrainFilter and RString::retain
An issue was discovered in the abistable crate before 0.9.1 for Rust. A retain call can create an invalid UTF-8 string, violating soundness...
CVE-2020-36317
In the standard library in Rust before 1.49.0, String::retain function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the sa...
RUSTSEC-2020-0105 Update unsound DrainFilter and RString::retain
Affected versions of this crate contained code from the Rust standard library that contained soundness bugs rust-lang/rust#60977 (double drop) & rust-lang/rust#78498 (create invalid utf-8 string). The flaw was corrected in v0.9.1 by making a similar fix to the one made in the Rust standard library...
Design/Logic Flaw
The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access...
CVE-2015-1609
MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request...
CVE-2015-1609
MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request...
Cross site request forgery (csrf)
MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request...
CVE-2015-1609
Removed by vendor...
CVE-2015-1609
MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request...
ESXi 5.0 < Build 515841 Multiple Vulnerabilities (remote check)
The remote VMware ESXi 5.0 host is affected by the following security vulnerabilities: - A security bypass vulnerability exists in the e1000 driver in the Linux kernel due to improper handling of Ethernet frames that exceed the MTU. An unauthenticated, remote attacker can exploit this, via...
CVE-2010-3444
Buffer overflow in the log2vis_utf8 function in pyfribidi.c in GNU FriBidi 0.19.1, 0.19.2, and possibly other versions, as used in PyFriBidi 0.10.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Arabic UTF-8 string that causes original...
Buffer overflow
Buffer overflow in the log2vis_utf8 function in pyfribidi.c in GNU FriBidi 0.19.1, 0.19.2, and possibly other versions, as used in PyFriBidi 0.10.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Arabic UTF-8 string that causes original...
CVE-2010-3444
Buffer overflow in the log2vis_utf8 function in pyfribidi.c in GNU FriBidi 0.19.1, 0.19.2, and possibly other versions, as used in PyFriBidi 0.10.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Arabic UTF-8 string that causes original...
CVE-2007-3305
Heap-based buffer overflow in Cerulean Studios Trillian 3.x before 3.1.6.0 allows remote attackers to execute arbitrary code via a message sent through the MSN protocol, or possibly other protocols, with a crafted UTF-8 string, which triggers improper memory allocation for word wrapping when a...
Heap overflow
Heap-based buffer overflow in Cerulean Studios Trillian 3.x before 3.1.6.0 allows remote attackers to execute arbitrary code via a message sent through the MSN protocol, or possibly other protocols, with a crafted UTF-8 string, which triggers improper memory allocation for word wrapping when a...
CVE-2007-2478
Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via (1) a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or (2) a font HTML ta...