Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unicode unicode vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-6825
Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
4.3
CVSSv2
CVE-2019-12278
Opera through 53 on Android allows Address Bar Spoofing. Characters from several languages are displayed in Right-to-Left order, due to mishandling of several Unicode characters. The rendering mechanism, in conjunction with the "first strong character" concept, may impr...
Opera Opera 52.1.2517.139570
6.8
CVSSv2
CVE-2020-10531
An issue exists in International Components for Unicode (ICU) for C/C++ up to and including 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.
Icu-project International Components For Unicode
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Google Chrome
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 33
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Opensuse Leap 15.1
Oracle Banking Extensibility Workbench 14.4.0
Oracle Banking Extensibility Workbench 14.3.0
Nodejs Node.js
7.5
CVSSv2
CVE-2014-9390
Git prior to 1.8.5.6, 1.9.x prior to 1.9.5, 2.0.x prior to 2.0.5, 2.1.x prior to 2.1.4, and 2.2.x prior to 2.2.1 on Windows and OS X; Mercurial prior to 3.2.3 on Windows and OS X; Apple Xcode prior to 6.2 beta 3; mine all versions prior to 08-12-2014; libgit2 all versions up to 0...
Git-scm Git
Mercurial Mercurial
Apple Xcode
Apple Xcode 6.2
Eclipse Egit
Eclipse Jgit
Libgit2 Libgit2
2 Metasploit modules
4 Github repositories
4.3
CVSSv2
CVE-2019-19817
The JBIG2Decode library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0x2e8a Out-of-Bounds Read via crafted Unicode content.
Gonitro Nitro Free Pdf Reader 12.0.0.112
4.3
CVSSv2
CVE-2019-19819
The JBIG2Globals library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0x90ec NULL Pointer Dereference via crafted Unicode content.
Gonitro Nitropdf 12.0.0.112
3.5
CVSSv2
CVE-2013-6430
The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework prior to 3.2.2 does not properly escape certain characters, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via a (1) line separator or...
Pivotal Software Spring Framework
5
CVSSv2
CVE-2019-19844
Django prior to 1.11.27, 2.x prior to 2.2.9, and 3.x prior to 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an malicious user to be sent a passwo...
Djangoproject Django
Djangoproject Django 3.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
7 Github repositories
4.3
CVSSv2
CVE-2019-19818
The JBIG2Decode library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0xa08a Out-of-Bounds Read via crafted Unicode content.
Gonitro Nitro Free Pdf Reader 12.0.0.112
7.8
CVSSv2
CVE-2019-2232
In handleRun of TextLine.java, there is a possible application crash due to improper input validation. This could lead to remote denial of service when processing Unicode with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Andr...
Google Android 8.0
Google Android 8.1
Google Android 9.0
Google Android 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »