Lucene search
K

7 matches found

NVD
NVD
added 2026/06/22 10:16 p.m.10 views

CVE-2026-48514

MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, UnsafeBlitFormatterBase.Deserialize reads an attacker-controlled byteLength from an extension payload and allocates an array based on that value before validating it against the extension header length or remaining...

7.5CVSS0.00231EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.14 views

PT-2026-51398

Name of the Vulnerable Software and Affected Versions MessagePack for C versions prior to 2.5.301 MessagePack for C versions prior to 3.1.7 Description The UnsafeBlitFormatterBase.Deserialize function reads an attacker-controlled byteLength from an extension payload and allocates an array based o...

7.5CVSS5.9AI score0.00231EPSS
Exploits0References6
Snyk
Snyk
added 2026/03/02 9:43 p.m.7 views

Prototype Pollution

Overview @orpc/client is a Affected versions of this package are vulnerable to Prototype Pollution via the deserialize function in StandardRPCJsonSerializer. An attacker can inject arbitrary properties into the global Object.prototype by sending specially crafted payloads containing dangerous...

10CVSS6.3AI score0.0091EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2025-31172

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00288EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2024/03/14 12:0 a.m.5 views

The vulnerability of the deserialize() function in the Jwcrypto Python library, which allows a hacker to trigger a denial-of-service attack.

The vulnerability of the deserialize function in the JavaScript library used by Jwcrypto for cryptography involves an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failure by sending a specially created JWE tok...

6.8CVSS6.4AI score0.0098EPSS
Exploits1References15Affected Software6
Cvelist
Cvelist
added 2022/05/19 7:59 p.m.17 views

CVE-2022-28948

An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input...

7.6AI score0.035EPSS
Exploits1References2
CNVD
CNVD
added 2019/04/04 12:0 a.m.3 views

CoAPthon Serialize.deserialize() method denial of service vulnerability

CoAPthon is an RFC compliant python library for the CoAP protocol. A denial of service vulnerability exists in the Serialize.deserialize method in CoAPthon 3 version 1.0 and version 1.0.1. An attacker can exploit the vulnerability to cause applications using this library e.g., standard coap serve...

7.5CVSS6.7AI score0.01446EPSS
Exploits1References1
Rows per page
Query Builder