78 matches found
Infinite loop
Overview org.webjars.npm:jsrsasign is a free pure JavaScript cryptographic library. Affected versions of this package are vulnerable to Infinite loop via the bnModInverse function in ext/jsbn2.js when the BigInteger.modInverse implementation receives zero or negative inputs, allowing an attacker ...
Arbitrary Command Injection
Overview mcp-maigret is a MCP server for maigret - OSINT username search across social networks Affected versions of this package are vulnerable to Arbitrary Command Injection via the searchusername process in index.ts when handling the Username argument. An attacker can execute arbitrary system...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the identityTriggerType function in the pfcpreports.go file. An attacker can cause a denial of service by sending specially crafted requests that trigger a null pointer dereference. Remediation Upgrade...
Missing Release of Memory after Effective Lifetime
Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime via the xmllint interactive shell when repeatedly providing whitespace-only input. An attacker can exhaust system memory and cause process termination by continuously submitting such...
CRLF Injection
Overview Affected versions of this package are vulnerable to CRLF Injection via the Host header processing when an HTTP proxy is configured. An attacker can cause unintended or unauthorized HTTP requests to be forwarded by injecting additional HTTP headers or request bodies by supplying specially...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write via the gbase64encodeclose function. An attacker can cause memory corruption or application crashes by providing excessively large or untrusted input data. Remediation A fix was pushed into the master branch but not...
Buffer Over-read
Overview Affected versions of this package are vulnerable to Buffer Over-read via the pcapetheraton function. An attacker can cause unintended reads and writes outside the bounds of allocated memory by providing a specially crafted input string. Remediation Upgrade libpcap to version 1.10.6 or...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation in the parseFlowDesc function after PFCP association, when processing a PFCP Session Establishment Request containing a malformed Flow-Description. An attacker can cause the process to panic and terminate by...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the ReadTIMImage function. An attacker can access sensitive memory contents by supplying a specially crafted TIM image file with large width and height values, causing an integer overflow and subsequent out-of-boun...
Integer Overflow or Wraparound
Overview org.webjars.npm:node-forge is a WebJar for node-forge. Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the derToOid function in the asn1.js file, which decodes ASN.1 structures containing OIDs with oversized arcs. An attacker can bypass security...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the gescapeuristring function. An attacker can cause a heap-based buffer overflow by supplying a string with a very large number of characters requiring escaping, which results in an incorrect...
Deserialization of Untrusted Data
Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the ViewModel functionality. An authenticated attacker can execute arbitrary code with application privileges by supplying crafted data through user-controllable URL parameters. Details Serializatio...
Integer Underflow (Wrap or Wraparound)
Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound due to improper handling of buffer size calculations in the libregexp engine. An attacker can achieve out-of-bounds memory writes by supplying a specially crafted regular expression that causes an...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the getlinkhashentry function. An attacker can cause an out-of-bounds read by supplying crafted input to the linker process. Remediation A fix was pushed into the master branch but not yet published. References -...
Deserialization of Untrusted Data
Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to an improper fix for CVE-2025-6507. An attacker can execute arbitrary code and access unauthorized system files by injecting malicious parameters that bypass regular expression filters by adding...
Relative Path Traversal
Overview Affected versions of this package are vulnerable to Relative Path Traversal due to improper validation of user-supplied paths in router.go. An attacker can access sensitive files on the server by crafting requests with directory traversal sequences in the URL path. Remediation A fix was...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the ReadOneJNGImage function. An attacker can access data on the heap or cause memory corruption by tricking a user into processing a specially crafted image file. Remediation A fix was pushed into the...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the jasimagechclrspc function. An attacker can cause a denial of service by triggering a null pointer dereference during image color space conversion. Remediation A fix was pushed into the master branch but...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the tmplayerparseline function when parsing a subtitle file. An attacker can cause a crash by providing a specially crafted subtitle file that triggers a NULL pointer dereference. Remediation Upgrade gstream...
Use of Uninitialized Variable
Overview Affected versions of this package are vulnerable to Use of Uninitialized Variable due to the absent check of pimage value before calling opjj2kreadheader function. An attacker can achieve arbitrary code execution or cause a denial of service by supplying a specially crafted image file...