67 matches found
CVE-2026-14759
A security flaw has been discovered in radareorg radare2 up to 6.1.6. This issue affects the function rbinjavainnerclassesattrcalcsize of the file shlr/java/class.c of the component RBinJava Line Number Table Parser. Performing a manipulation results in heap-based buffer overflow. The attack...
CVE-2026-14759
radare2 (radareorg) up to version 6.1.6 is affected by CVE-2026-14759 in the RBinJava Line Number Table Parser. The vulnerability is located in function r_bin_java_inner_classes_attr_calc_size (file shlr/java/class.c) and leads to a heap-based buffer overflow when a manipulation is performed. The...
PT-2026-55809
Name of the Vulnerable Software and Affected Versions radareorg radare2 versions prior to 6.1.7 Description A heap-based buffer overflow occurs in the RBinJava Line Number Table Parser component within the r bin java inner classes attr calc size function located in the shlr/java/class.c file. Thi...
OSV-2026-609 Security exception in com.github.javaparser.ast.NodeList.forEach
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=504814677 Crash type: Security exception Crash state: com.github.javaparser.ast.NodeList.forEach com.github.javaparser.ast.visitor.VoidVisitorAdapter.visit...
Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to JSON-Java
Summary IBM webMethods BPM uses JSON-Java for reading and parsing of JSON data. Vulnerability Details CVEID:CVE-2023-5072 DESCRIPTION: Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to indefinite amounts...
MiracleLinux 4 : xerces-j2-2.7.1-12.6.AXS4 (AXSA:2013-718:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-718:01 advisory. The xerces-j2 packages provide the Apache Xerces2 Java Parser, a high-performance XML parser. A Document Type Definition DTD defines the legal syntax and also...
EUVD-2020-0517
Malware in sbrugna...
EUVD-2022-3018
Malicious code in bioql PyPI...
OSV-2025-255 Security exception in com.github.javaparser.GeneratedJavaParser.Expression
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=407817254 Crash type: Security exception Crash state: com.github.javaparser.GeneratedJavaParser.Expression java.base/java.lang.String.equals com.github.javaparser.utils.LineSeparator.lookup...
PT-2025-16186 · Git +1 · Javaparser
Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: The software is susceptible to a security exception triggered during the parsing of Java expressions. The crash state involves com.github.javaparser.GeneratedJavaParser.Expression,...
OSV-2025-239 Security exception in com.github.javaparser.GeneratedJavaParser.Expression
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=406331578 Crash type: Security exception Crash state: com.github.javaparser.GeneratedJavaParser.Expression java.base/java.lang.StringLatin1.regionMatchesCI java.base/java.lang.String.regionMatches...
Amazon Linux 2 : xerces-j2 (ALAS-2024-2649)
The version of xerces-j2 installed on the remote host is prior to 2.11.0-17. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2649 advisory. Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service CPU consumption via a crafted...
Medium: xerces-j2
Issue Overview: Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service CPU consumption via a crafted message to an XML service, which triggers hash table collisions. CVE-2012-0881 There's a vulnerability within the Apache Xerces Java XercesJ XML parser when...
Medium: xerces-j2
Issue Overview: Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service CPU consumption via a crafted message to an XML service, which triggers hash table collisions. CVE-2012-0881 There's a vulnerability within the Apache Xerces Java XercesJ XML parser when...
PT-2024-40839 · Unknown · Javaparser
Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: The issue is related to a security exception in the CommentsInserter class. The crash occurs in the insertComments function, which is part of the JavaParser library. The error is also...
PT-2024-40827 · Oracle · Java
Name of the Vulnerable Software and Affected Versions: Java affected versions not specified Description: A security exception crash has been reported. The crash involves the com.github.javaparser.GeneratedJavaParser.Expression and java.base/java.lang.StringUTF16.compress functions, as well as the...
PT-2024-40787 · Unknown · Javaparser
Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: The issue is related to a security exception in the CommentsInserter class. The crash occurs in the insertComments function, which is part of the JavaParser library. The error is also...
PT-2024-40780 · Unknown · Javaparser
Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: A security exception crash has been reported. The crash involves the insertComments function in com.github.javaparser.CommentsInserter, and the equals methods in...
OSV-2024-445 Security exception in com.github.javaparser.CommentsInserter.insertComments
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68730 Crash type: Security exception Crash state: com.github.javaparser.CommentsInserter.insertComments java.base/java.lang.String.charAt java.base/sun.invoke.util.Wrapper.hashPrim...
PT-2024-40688 · Unknown · Javaparser
Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: The issue is related to a security exception in the JavaParser library. A crash occurs due to a security exception, with the crash state involving the TreeVisitorValidator.accept and...