It was discovered that FriBidi incorrectly handled processing of input strings
resulting in memory corruption. An attacker could use this issue to cause
FriBidi to crash, resulting in a denial of service, or potentially execute
arbitrary code.
(CVE-2022-25308)
It was discovered that FriBidi incorrectly validated input data to its CapRTL
unicode encoder, resulting in memory corruption. An attacker could use this
issue to cause FriBidi to crash, resulting in a denial of service, or
potentially execute arbitrary code.
(CVE-2022-25309)
It was discovered that FriBidi incorrectly handled empty input when removing
marks from unicode strings, resulting in a crash. An attacker could use this
to cause FriBidi to crash, resulting in a denial of service, or potentially
execute arbitrary code.
(CVE-2022-25310)
More Stories
Palo Alto PAN-OS Authentication Bypass
What is the Vulnerability? A recent authentication bypass vulnerability (CVE-2025-0108) in the Palo Alto Networks PAN-OS software is under active...
openssl3-3.2.2-7.1.el8
FEDORA-EPEL-2025-9176cc66c2 Packages in this update: openssl3-3.2.2-7.1.el8 Update description: Rebase on CentOS Stream 9's openssl to pick up CVE fixes Read...
ZDI-CAN-25942: Fuji Electric
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'kimiya' was reported to the affected vendor on: 2025-02-21, 0 days...
MitM attack against OpenSSH’s VerifyHostKeyDNS-enabled client
Posted by Qualys Security Advisory via Fulldisclosure on Feb 20 Qualys Security Advisory CVE-2025-26465: MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client...
Self Stored XSS – acp2sev7.2.2
Posted by Andrey Stoykov on Feb 20 # Exploit Title: Self Stored XSS - acp2sev7.2.2 # Date: 02/2025 # Exploit...
Python’s official documentation contains textbook example of insecure code (XSS)
Posted by Georgi Guninski on Feb 20 Python's official documentation contains textbook example of insecure code (XSS) Date: 2025-02-18 Author:...