EUVD-2026-26443

In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \ skipping...

MiracleLinux 9 : skopeo-1.14.3-2.el9 (AXSA:2024-8078:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8078:02 advisory. golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON...

SUSE CVE-2026-22028

Preact, a lightweight web development framework, JSON serialization protection to prevent Virtual DOM elements from being constructed from arbitrary JSON. A regression introduced in Preact 10.26.5 caused this protection to be softened. In applications where values from JSON payloads are assumed t...

EUVD-2018-9448

Malware in sbrugna...

EUVD-2022-46561

Malicious code in bioql PyPI...

CVE-2025-6183 Configd Injection

The StrongDM macOS client incorrectly processed JSON-formatted messages. Attackers could potentially modify macOS system configuration by crafting a malicious JSON message...

CVE-2025-6709

The MongoDB Server is susceptible to a denial of service vulnerability due to improper handling of specific date values in JSON input when using OIDC authentication. This can be reproduced using the mongo shell to send a malicious JSON payload leading to an invariant failure and server crash. Thi...

MongoDB Server 安全漏洞

MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. A security vulnerability exists in MongoDB Server v7.0 versions prior to 7.0.17 and v8.0 versions...

CVE-2025-5829

Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers...

CVE-2025-5829 Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability

Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers...

USN-7567-1 modsecurity-apache vulnerabilities

Simon Studer discovered that ModSecurity incorrectly handled certain JSON objects. An attacker could possibly use this issue to cause a denial of service. CVE-2025-47947 It was discovered that ModSecurity incorrectly handled requests when parsing certain form data. An attacker could possibly use...

CVE-2020-24941

An issue was discovered in Laravel before 6.18.35 and 7.x before 7.24.0. The $guarded property is mishandled in some situations involving requests with JSON column nesting expressions...

iperf3 security update

An update is available for iperf3. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Iperf is a tool which can measure maximum TCP bandwidth and tune various...

RLSA-2025:0161 Important: iperf3 security update

Iperf is a tool which can measure maximum TCP bandwidth and tune various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, and data-gram loss. Security Fixes: iperf: Denial of Service in iperf Due to Improper JSON Handling CVE-2024-53580 For more details about the securit...

Oracle Linux 7 : iperf3 (ELSA-2025-0402)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-0402 advisory. 3.1.7-3.0.1 - Fixes Improper JSON Handling CVE-2024-53580 Orabug: 37495333 Tenable has extracted the preceding description block directly from the Oracle Linux...

iperf3 security update

3.1.7-3.0.1 - Fixes Improper JSON Handling CVE-2024-53580 Orabug: 37495333...

RHEL 9 : iperf3 (RHSA-2025:0570)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:0570 advisory. Iperf is a tool which can measure maximum TCP bandwidth and tune various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, a...

Important: Red Hat Security Advisory: iperf3 security update

An update for iperf3 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: iperf3 security update

An update for iperf3 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as...

Important: Red Hat Security Advisory: iperf3 security update

An update for iperf3 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...