Vulmon
unicode project unicode vulnerabilities and exploits
3.3
CVSSv3
CVE-2023-29383
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc...
Shadow Project Shadow 4.13
NA
CVE-2009-1834
Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in Mozilla Firefox prior to 3.0.11 and SeaMonkey prior to 1.1.17 allows remote malicious users to spoof the location bar via an IDN with invalid Unicode characters that are displayed as whitespace, as demonstrate...
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.5
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.1.12
Mozilla Seamonkey 1.1.13
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.1.5
Mozilla Firefox 0.10.1
Mozilla Firefox 0.2
Mozilla Firefox 2.0.0.12
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0
Mozilla Firefox 3.0.9
Mozilla Seamonkey 1.1.10
Mozilla Seamonkey 1.0.99
Mozilla Seamonkey 1.1.11
Mozilla Seamonkey 1.1.9
Mozilla Firefox 2.0.0.19
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0
1 EDB exploit
3.3
CVSSv3
CVE-2021-4217
A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows a malicious user to input a specially crafted zip file, leading to a crash or code execution.
Unzip Project Unzip 6.0
Fedoraproject Fedora 35
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
7.5
CVSSv3
CVE-2021-44758
Heimdal prior to 7.7.1 allows malicious users to cause a NULL pointer dereference in a SPNEGO acceptor via a preferred_mech_type of GSS_C_NO_OID and a nonzero initial_response value to send_accept.
Heimdal Project Heimdal
9.8
CVSSv3
CVE-2022-44640
Heimdal prior to 7.7.1 allows remote malicious users to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).
Heimdal Project Heimdal
Samba Samba
7.5
CVSSv3
CVE-2022-41916
Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions before 7.7.1 are vulnerable to a denial of service vulnerability in Heimdal's PKI certificate validation library, affecting the KDC (via PKINIT) and kinit (via PKINIT), as well as any third-party applica...
Heimdal Project Heimdal
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2006-1942
Mozilla Firefox 1.5.0.2 and possibly other versions prior to 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote malicious users to open local files via a web page with an IMG element containing a SRC attribute with a non-image file:// URL, then...
K-meleon Project K-meleon 0.9.13
Mozilla Firefox 1.5.0.2
Netscape Navigator 7.2
Netscape Navigator 8.0.40
Netscape Navigator 8.1
5.5
CVSSv3
CVE-2022-0529
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap out-of-bounds write. This flaw allows a malicious user to input a specially crafted zip file, leading to a crash or code execution.
Unzip Project Unzip 6.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Github repositories
8.8
CVSSv3
CVE-2022-42898
PAC parsing in MIT Kerberos 5 (aka krb5) prior to 1.19.4 and 1.20.x prior to 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and...
Mit Kerberos 5
Mit Kerberos 5 1.20
Heimdal Project Heimdal
Samba Samba
5.5
CVSSv3
CVE-2022-0530
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap out-of-bounds write. This flaw allows a malicious user to input a specially crafted zip file, leading to a crash or code execution.
Unzip Project Unzip 6.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 35
Apple Mac Os X
Apple Mac Os X 10.15.7
Apple Macos
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Github repositories