Lucene search
K

361 matches found

EUVD
EUVD
added 2026/03/17 6:41 p.m.3 views

EUVD-2026-12623

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, multiple stack-based buffer overflows exist in the Security Configuration Assessment SCA decoder wazuh-analysisd. The use of sprintf with a...

4.9CVSS6.3AI score0.00389EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/03/17 12:0 a.m.7 views

EulerOS 2.0 SP11 : haproxy (EulerOS-SA-2026-1580)

According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON...

7.5CVSS7.1AI score0.00469EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/15 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: perl-JSON-XS (UTSA-2026-006133)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006133 advisory. JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other...

7.5CVSS6AI score0.00603EPSS
Exploits0References4
OSV
OSV
added 2026/03/11 4:16 p.m.4 views

UBUNTU-CVE-2025-14513

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service condition due to improper input validation when processing specially crafted JSON...

7.5CVSS5.8AI score0.00475EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/11 12:0 a.m.5 views

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Vulnerabilities exist in versions of GitLab CE/EE before 18.7.6, 18.8.6...

7.5CVSS5.9AI score0.00475EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/22 1:27 a.m.5 views

CVE-2019-25449

OrientDB 3.0.17 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted JSON payloads to the document endpoint. Attackers can send POST requests to /document/demodb/-1:-1 with script tags in the name parameter to execute...

6.1CVSS5.6AI score0.00225EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.5 views

PT-2026-21319

OrientDB 3.0.17 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted JSON payloads to the document endpoint. Attackers can send POST requests to /document/demodb/-1:-1 with script tags in the name parameter to execute...

6.1CVSS5.6AI score0.00225EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.5 views

EulerOS Virtualization 2.10.1 : yajl (EulerOS-SA-2026-1152)

According to the versions of the yajl package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is supplied to Yajl::Parser.new.parse, the whole ruby process crashes wi...

7.5CVSS5.9AI score0.03735EPSS
Exploits1References2
EUVD
EUVD
added 2026/01/21 5:27 p.m.6 views

EUVD-2026-3609

Mini Mouse 9.2.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary commands through an unauthenticated HTTP endpoint. Attackers can leverage the /op=command endpoint to download and execute payloads by sending crafted JSON requests with malicious script...

9.8CVSS6.8AI score0.01044EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/01/16 10:26 p.m.7 views

CVE-2023-7334

Changjetong T+ versions up to and including 16.x contain a .NET deserialization vulnerability in an AjaxPro endpoint that can lead to remote code execution. A remote attacker can send a crafted request to /tplus/ajaxpro/Ufida.T.CodeBehind.PriorityLevel,AppCode.ashx?method=GetStoreWarehouseByStore...

9.8CVSS6.6AI score0.00988EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.8 views

EulerOS 2.0 SP12 : haproxy (EulerOS-SA-2026-1089)

According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON...

7.5CVSS7.1AI score0.00469EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/01/14 12:0 a.m.7 views

Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2026-1069)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.00469EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.5 views

Astra Linux – Vulnerability in cjson

cJSON 1.7.15 may allow a denial of service through a crafted JSON document, such as "a": true, "b": null,9999999999999999999999999999999999999999999999912345678901234567...

2.9CVSS5.3AI score0.00196EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/09 10:57 a.m.7 views

CVE-2025-40930

JSON::SIMD before version 1.07 and earlier for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact...

7.5CVSS7.3AI score0.0063EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:35 a.m.10 views

CVE-2017-18349

parseObject in Fastjson before 1.2.25, as used in FastjsonEngine in Pippo 1.11.0 and other products, allows remote attackers to execute arbitrary code via a crafted JSON request, as demonstrated by a crafted rmi:// URI in the dataSourceName field of HTTP POST data to the Pippo /json URI, which is...

10CVSS7.8AI score0.3897EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:57 a.m.6 views

CVE-2023-4883

Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an attacker to interrupt the correct operation of the service by sending a specially crafted json string to the VNF Virtual Network Function, and triggering the ogssbimessagefree function, which could cause a...

7.5CVSS6.8AI score0.00515EPSS
Exploits0References1
Snyk
Snyk
added 2026/01/09 7:41 a.m.6 views

Unsafe Dependency Resolution

Overview com.alibaba:fastjson is a fast JSON parser/generator for Java. Affected versions of this package are vulnerable to Unsafe Dependency Resolution due to the unsafe implementation of the checkAutoType function. An attacker can execute arbitrary code by supplying a crafted JSON document...

10CVSS9AI score0.0069EPSS
Exploits0References3
NVD
NVD
added 2025/12/19 5:15 p.m.5 views

CVE-2025-63665

An issue in GT Edge AI Community Edition Versions before v2.0.12 allows attackers to execute arbitrary code via injecting a crafted JSON payload into the Prompt window...

9.8CVSS0.00428EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/19 12:0 a.m.26 views

CVE-2025-63665

An issue in GT Edge AI Community Edition Versions before v2.0.12 allows attackers to execute arbitrary code via injecting a crafted JSON payload into the Prompt window...

0.00428EPSS
Exploits0References2
CVE
CVE
added 2025/12/19 12:0 a.m.16 views

CVE-2025-63665

CVE-2025-63665 affects GT Edge AI in multiple builds. GT Edge AI Community Edition versions before v2.0.12 are vulnerable to arbitrary code execution via a crafted JSON payload injected into the Prompt window. GT Edge AI Platform before v2.0.10-dev is similarly vulnerable to the same flaw. The is...

9.8CVSS7.4AI score0.00428EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder