44 matches found
EUVD-2025-38752
Malicious code in ocha-pisang66-miaww npm...
MAL-2025-38752 Malicious code in wander-snfbk-yyr2n-glow-project (npm)
The package wander-snfbk-yyr2n-glow-project was found to contain malicious code...
Linux Distros Unpatched Vulnerability : CVE-2022-38752
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker m...
CVE-2022-38752 affecting package snakeyaml 1.25-2
CVE-2022-38752 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never applicable...
CVE-2024-38752
creationtimestamp| type| source ---|---|--- 2024-08-13 13:46:05+00:00| seen| https://t.me/cvedetector/3001...
CVE-2024-38752
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zoho Campaigns allows Cross-Site Scripting (XSS). This issue affects Zoho Campaigns: from n/a through 2.0.8...
CVE-2024-38752 WordPress Zoho Campaigns plugin <= 2.0.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zoho Campaigns allows Cross-Site Scripting (XSS). This issue affects Zoho Campaigns: from n/a through 2.0.8...
CVE-2024-38752 WordPress Zoho Campaigns plugin <= 2.0.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zoho Campaigns allows Cross-Site Scripting (XSS). This issue affects Zoho Campaigns: from n/a through 2.0.8...
CVE-2024-38752
The CVE CVE-2024-38752 affects Zoho Campaigns WordPress plugin versions up to and including 2.0.8, with an XSS vulnerability caused by improper input neutralization during web page generation. The issue allows cross-site scripting in affected pages and has CVSS 3.1 base metrics (Network attack; l...
Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to a denial of service due to SnakeYAML (CVE-2022-38752)
Summary IBM Sterling Partner Engagement Manager uses SnakeYAML. Vulnerability Details CVEID:CVE-2022-38752 DESCRIPTION: SnakeYAML is vulnerable to a denial of service, caused by a stack-overflow in parsing YAML files. By persuading a victim to open a specially crafted file, a remote attacker coul...
Amazon Linux 2 : snakeyaml (ALAS-2024-2450)
The version of snakeyaml installed on the remote host is prior to 1.11-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2450 advisory. Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user...
Low: snakeyaml
Issue Overview: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow. CVE-2022-38752 Affected Packages: snakeyaml Note: Th...
Security Bulletin: Multiple vulnerabilities in open source libraries affect IBM® Db2® Federated.
Summary Multiple vulnerabilities in open source libraries affect IBM® Db2® Federated. These vulnerabilities were fixed in the images published on December 01, 2023 but the CVEs were not included in the bulletin. Vulnerability Details CVEID:CVE-2022-1471 DESCRIPTION: SnakeYaml could allow a remote...
Medium: snakeyaml
Issue Overview: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow. CVE-2022-38752 Those using Snakeyaml to parse...
CVE-2023-38752
CVE-2023-38752 concerns an improper authorization vulnerability in the Special Interest Group Network for Analysis and Liaison (Inter-SOC Cooperation API). Affected versions are 4.4.0 through 4.7.7, where an authorized API user can view the attribute information of a poster marked as non-disclosu...
JVN#83334799: Multiple vulnerabilities in Special Interest Group Network for Analysis and Liaison's API
Special Interest Group Network for Analysis and Liaison's "Inter-SOC Cooperation API" provided by Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) contains multiple vulnerabilities listed below. Improper Authorization in Information Provision function (CWE-285) - CVE-2023-38751...
Important: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.18.3 Patch 2 release
Camel for Spring Boot 3.18.3 Patch 2 release and security update is now available. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...
GLSA-202305-28 : snakeyaml: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202305-28 snakeyaml: Multiple Vulnerabilities - The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564. CVE-2017-18640 - Using snakeYAML to parse untrusted YAML...
Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.3 security update on RHEL 9
New Red Hat Single Sign-On 7.6.3 packages are now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.3 security update on RHEL 7
New Red Hat Single Sign-On 7.6.3 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...