CVSS: 8.8EPSS: 0%CPEs: 21EXPL: 0CVE-2020-10531 – ICU: Integer overflow in UnicodeString::doAppend()
https://notcve.org/view.php?id=CVE-2020-10531
12 Mar 2020 — An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp. Se detectó un problema en International Components for Unicode (ICU) para C/C++ versiones hasta 66.1. Se presenta un desbordamiento de enteros, conllevando a un desbordamiento de búfer en la región heap de la memoria, en la función UnicodeString::doAppend() en el archivo common/unistr... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00004.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2018-18928
https://notcve.org/view.php?id=CVE-2018-18928
04 Nov 2018 — International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp. International Components for Unicode (ICU) for C/C++ 63.1 tiene un desbordamiento de enteros en number::impl::DecimalQuantity::toScientificString() en i18n/number_decimalquantity.cpp. • https://bugs.chromium.org/p/chromium/issues/detail?id=900059 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17484
https://notcve.org/view.php?id=CVE-2017-17484
10 Dec 2017 — The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International Components for Unicode (ICU) for C/C++ through 60.1 mishandles ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted string, as demonstrated by ZNC. La función ucnv_UTF8FromUTF8 en ucnv_u8.cpp en International Components for Unicode (ICU) para C/C++ hasta la versión 60.1 gestiona de ... • https://github.com/znc/znc/issues/1459 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 1%CPEs: 10EXPL: 0CVE-2017-15422 – chromium-browser: integer overflow in icu
https://notcve.org/view.php?id=CVE-2017-15422
07 Dec 2017 — Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Un desbordamiento de enteros en el manejo de fechas internacionales en International Components for Unicode (ICU) for C/C++ en versiones anteriores a la 60.1, tal y como se emplea en V8 en Google Chrome en versiones anteriores a la... • https://access.redhat.com/errata/RHSA-2017:3401 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 2%CPEs: 8EXPL: 0CVE-2017-15396 – chromium-browser: stack overflow in v8
https://notcve.org/view.php?id=CVE-2017-15396
30 Oct 2017 — A stack buffer overflow in NumberingSystem in International Components for Unicode (ICU) for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202.75 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento de búfer basado en pila en NumberingSystem en International Components for Unicode (ICU) for C/C++ en versiones anteriores a la 60.2, tal y como se emplea en V8 en Google Chrome en versiones anteriores a la 62.0.3202.75... • http://bugs.icu-project.org/trac/changeset/40494 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 0CVE-2017-14952
https://notcve.org/view.php?id=CVE-2017-14952
16 Oct 2017 — Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue. Doble liberación (double free) en i18n/zonemeta.cpp en International Components for Unicode (ICU) para C/C++ hasta la versión 59.1 permite que atacantes remotos ejecuten código arbitrario mediante una cadena manipulada. Esto también se conoce como "redundant UVector entry cle... • http://bugs.icu-project.org/trac/changeset/40324/trunk/icu4c/source/i18n/zonemeta.cpp • CWE-415: Double Free •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2017-7867 – Ubuntu Security Notice USN-3274-1
https://notcve.org/view.php?id=CVE-2017-7867
14 Apr 2017 — International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function. International Components para Unicode (ICU) para C/C++ en versiones anteriores a 13-02-2017 tiene una escritura fuera de límites provocado por un desbordamiento de búfer basado en memoria dinámica en relación con la función utf8TextAccess en la función common/utext.cpp y la f... • http://bugs.icu-project.org/trac/changeset/39671 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2017-7868 – Ubuntu Security Notice USN-3274-1
https://notcve.org/view.php?id=CVE-2017-7868
14 Apr 2017 — International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function. International Components para Unicode (ICU) para C/C++ en versiones anteriores a 13-02-2017 tiene una escritura fuera de límites provocado por un desbordamiento de búfer basado en memoria dinámica en relación con la función utf8TextAccess en common/utext.cpp y la función unad th... • http://bugs.icu-project.org/trac/changeset/39671 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 0CVE-2014-9911 – Ubuntu Security Notice USN-3227-1
https://notcve.org/view.php?id=CVE-2014-9911
28 Nov 2016 — Stack-based buffer overflow in the ures_getByKeyWithFallback function in common/uresbund.cpp in International Components for Unicode (ICU) before 54.1 for C/C++ allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted uloc_getDisplayName call. Desbordamiento de búfer basado en pila en la función ures_getByKeyWithFallback en common/uresbund.cpp en International Components for Unicode (ICU) en versiones anteriores a 54.1 para C/C++ permite a atacantes remoto... • http://bugs.icu-project.org/trac/changeset/35699 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 1CVE-2016-7415 – Gentoo Linux Security Advisory 201701-58
https://notcve.org/view.php?id=CVE-2016-7415
17 Sep 2016 — Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string. Desbordamiento de búfer basado en pila en la clase Locale en common/locid.cpp en International Components para Unicode (ICU) hasta la versión 57.1 para C/C++ permite a atacantes remotos provocar una denegación de servicio (caída de ap... • http://www.openwall.com/lists/oss-security/2016/09/15/10 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •