In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.
View Full Alert
Related Posts
CVE-2019-13117 (libxslt)In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on…
CVE-2019-9673 (freenet)Freenet 1483 has a MIME type bypass that allows arbitrary JavaScript execution via a crafted Freenet URI.
CVE-2019-12323 (hc10)The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS. View Full Alert
