298 matches found
MAL-2025-3578 Malicious code in discord-json-parser (npm)
Source: ghsa-malware (d1e9377f415fba4ec726168295cc5ca3be775a940e1709f6a70a19a6c48c3dd8). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
AZL-60889 CVE-2023-26819 affecting package libglvnd for versions less than 1.7.0-3
cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as "a": true, "b": null,9999999999999999999999999999999999999999999999912345678901234567...
GHSA-9M3Q-RHMV-5Q44 Out-of-bounds Read in Ruby JSON Parser
Impact: A specially crafted document could cause an out of bound read, most likely resulting in a crash. Versions 2.10.0 and 2.10.1 are impacted. Older versions are not. Patches: Version 2.10.2 fixes the problem. Workarounds: None...
CVE-2025-27788 Ruby JSON Parser has Out-of-bounds Read
JSON is a JSON implementation for Ruby. Starting in version 2.10.0 and prior to version 2.10.2, a specially crafted document could cause an out of bound read, most likely resulting in a crash. Versions prior to 2.10.0 are not vulnerable. Version 2.10.2 fixes the problem. No known workarounds are...
CVE-2025-27788
CVE-2025-27788 is an out-of-bounds read in the Ruby JSON parser that leads to crashes. In IBM’s advisory, the affected products are: IBM watsonx Assistant Cartridge (versions 4.0–5.2.0) and IBM watsonx Orchestrate with watsonx Assistant Cartridge – A...
Linux Distros Unpatched Vulnerability : CVE-2022-31116
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Affected versions were found to improperly decode certain...
Linux Distros Unpatched Vulnerability : CVE-2023-29451
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy. CVE-2023-29451 Note th...
CVE-2017-12635
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit users documents with duplicate keys for 'roles' used for access control within the database, including the special case 'admin' role,...
CVE-2021-44390
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted HTTP request can lead to a reboot. Format param is not object. An attacker can send an HTTP request to trigger this vulnerability...
CBL Mariner 2.0 Security Update: mysql (CVE-2024-2410)
The version of mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-2410 advisory. - The JsonToBinaryStream function is part of the protocol buffers C++ implementation and is used to parse JSON...
Monero: Spamming highly nested JSON RPC requests cause node to disconnect from p2p network
The vulnerability allowed an attacker to remotely lock monerod from syncing with the rest of the p2p network by forging a highly nested JSON payload and spamming it through a restricted RPC interface. The Epee JSON parser was found to allow duplicated fields and set a recursion limit that was too...
Fedora: Security Advisory (FEDORA-2024-fb1e912d0e)
The remote host is missing an update for the...
Fedora: Security Advisory (FEDORA-2024-a3c1b2629e)
The remote host is missing an update for the...
[SECURITY] Fedora 39 Update: rapidjson-1.1.0-41.fc39
RapidJSON is a fast JSON parser and generator for C++. It was inspired by RapidXml. RapidJSON is small but complete. It supports both SAX and DOM style API. The SAX parser is only a half thousand lines of code. RapidJSON is fast. Its performance can be comparable to strlen. It also optionally...
RLSA-2023:6551 Moderate: yajl security update
Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C, and a small validating JSON generator. Security Fixes: yajl: Memory leak in yajl_tree_parse function (CVE-2023-33460). For more details about the security issues, including the impact, a CVSS score,...
yajl security update
An update is available for yajl. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser...