57 matches found
Stack-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow when it parses scientific notation numbers present in JSON. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Commit Credit: Kevin Stubbings...
CVE-2022-23462 Stack Buffer Overflow in iowow
IOWOW is a C utility library and persistent key/value storage engine. Versions 1.4.15 and prior contain a stack buffer overflow vulnerability that allows for Denial of Service DOS when it parses scientific notation numbers present in JSON. A patch for this issue is available at commit...
CVE-2022-23462 Stack Buffer Overflow in iowow
IOWOW is a C utility library and persistent key/value storage engine. Versions 1.4.15 and prior contain a stack buffer overflow vulnerability that allows for Denial of Service DOS when it parses scientific notation numbers present in JSON. A patch for this issue is available at commit...
SUSE-SU-2019:2042-1 Security update for python-Django
This update for python-Django fixes the following issues: - Fixed CVE-2019-6975 bsc1124991 Added CVE-2019-6975.patch to fix uncontrolled memory consumption If django.utils.numberformat.format -- used by contrib.admin as well as the the floatformat, filesizeformat, and intcomma templates filters -...
CVE-2018-10362
An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for the user-provided login password, it is possible to login with a simpler password if the password has the form of a power in scientific notation like...
Default credentials
An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for the user-provided login password, it is possible to login with a simpler password if the password has the form of a power in scientific notation like...
UBUNTU-CVE-2018-10362
An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for the user-provided login password, it is possible to login with a simpler password if the password has the form of a power in scientific notation like...
DEBIAN-CVE-2018-10362
An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for the user-provided login password, it is possible to login with a simpler password if the password has the form of a power in scientific notation like...
CVE-2018-10362
An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for the user-provided login password, it is possible to login with a simpler password if the password has the form of a power in scientific notation like...
CVE-2018-10362
An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for the user-provided login password, it is possible to login with a simpler password if the password has the form of a power in scientific notation like...
PT-2018-9847 · Phpliteadmin · Phpliteadmin
Name of the Vulnerable Software and Affected Versions: phpLiteAdmin versions 1.9.5 through 1.9.7.1 Description: An issue was discovered due to loose comparison with '==' instead of '===' in the Authorization.php class for user-provided login passwords. This allows an attacker to login with a...
Authorization Bypass
phpLiteAdmin is vulnerable to Authorization Bypasses. The application uses the == comparator when validating passwords, allowing a malicious user to bypass the validation by passing in a numerical password in scientific notation e.g. 0e1...
SOL12650 - PHP vulnerability CVE-2010-4645
The strtod.c function may allow context-dependent attackers to cause a denial-of-service via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers. Information about this advisory is available at the following location: Note: The previous link...
php: hang on numeric value 2.2250738585072011e-308 with x87 fpu
strtod.c, as used in the zendstrtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service infinite loop via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU...
CVE-2010-4645
strtod.c, as used in the zendstrtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service infinite loop via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU...
Design/Logic Flaw
strtod.c, as used in the zendstrtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service infinite loop via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU...
ms-excel-numbers.txt
Date: Thu, 31 Dec 1998 23:02:41 +0100 From: "Tom Rowe" Subject: Excel bug I imagine this has been discussed some, but in case it hasn't. If you enter a number, say 123456789999 in Excel and save the file as comma delimited csv I think MS uses it will be saved as 1.234567E+11. Quite a few programs...