Search CVE reports


Toggle filters

11 – 20 of 39 results


CVE-2014-9911

Medium priority

Some fixes available 2 of 13

Stack-based buffer overflow in the ures_getByKeyWithFallback function in common/uresbund.cpp in International Components for Unicode (ICU) before 54.1 for C/C++ allows remote attackers to cause a denial of service or possibly have...

8 affected packages

android, chromium-browser, firefox, icu, mozjs24...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android Not in release Not in release Not in release Not in release Ignored
chromium-browser Not affected Not affected Not affected Not affected Not affected
firefox Not affected Not affected Not affected Not affected Not affected
icu Not affected Not affected Not affected Not affected Not affected
mozjs24 Not in release Not in release Not in release Not in release Ignored
oxide-qt Not in release Not in release Not in release Not in release Not affected
r-cran-stringi Not affected Not affected Not affected Not affected Not affected
thunderbird Not affected Not affected Not affected Not affected Not affected
Show all 8 packages Show less packages

CVE-2016-7415

Medium priority
Fixed

Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have...

1 affected package

icu

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icu Fixed
Show less packages

CVE-2016-6293

Medium priority

Some fixes available 3 of 4

The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\0' character at the end of a certain temporary array, which allows...

1 affected package

icu

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icu Fixed
Show less packages

CVE-2016-0494

Medium priority

Some fixes available 12 of 15

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown...

4 affected packages

icu, openjdk-6, openjdk-7, openjdk-8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icu Fixed
openjdk-6 Not in release
openjdk-7 Not in release
openjdk-8 Not affected
Show less packages

CVE-2015-4844

Medium priority

Some fixes available 12 of 15

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

4 affected packages

icu, openjdk-6, openjdk-7, openjdk-8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icu Fixed
openjdk-6 Not in release
openjdk-7 Not in release
openjdk-8 Not affected
Show less packages

CVE-2015-5922

Medium priority
Not affected

Unspecified vulnerability in International Components for Unicode (ICU) before 53.1.0, as used in Apple OS X before 10.11 and watchOS before 2, has unknown impact and attack vectors.

1 affected package

icu

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icu
Show less packages

CVE-2015-1270

Medium priority

Some fixes available 9 of 12

The ucnv_io_getConverterName function in common/ucnv_io.cpp in International Components for Unicode (ICU), as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- substrings, which allows remote...

3 affected packages

chromium-browser, icu, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser
icu
oxide-qt
Show less packages

CVE-2015-4760

Medium priority

Some fixes available 10 of 15

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

4 affected packages

icu, openjdk-6, openjdk-7, openjdk-8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icu
openjdk-6
openjdk-7
openjdk-8
Show less packages

CVE-2015-2632

Low priority

Some fixes available 11 of 16

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D.

4 affected packages

icu, openjdk-6, openjdk-7, openjdk-8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icu
openjdk-6
openjdk-7
openjdk-8
Show less packages

CVE-2014-9654

Medium priority

Some fixes available 3 of 4

The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a...

1 affected package

icu

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icu
Show less packages