SciLexer.dll in Scintilla in Notepad++ (x64) before 7.7 allows remote code execution or denial of service via Unicode characters in a crafted .ml file.
Max CVSS
7.8
EPSS Score
0.60%
Published
2019-09-14
Updated
2023-02-28
Stack-based buffer overflow in LexRuby.cxx (SciLexer.dll) in Scintilla 1.73, as used by notepad++ 4.1.1 and earlier, allows user-assisted remote attackers to execute arbitrary code via certain Ruby (.rb) files with long lines. NOTE: this was originally reported as a vulnerability in notepad++.
Max CVSS
7.6
EPSS Score
19.36%
Published
2007-05-14
Updated
2018-10-16
2 vulnerabilities found