57 matches found

Snyk
added 2022/10/23 10:25 a.m. · 1 views

Stack-based Buffer Overflow

Overview: Affected versions of this package are vulnerable to Stack-based Buffer Overflow when it parses scientific notation numbers present in JSON. Remediation: A fix was pushed into the master branch but not yet published. References: GitHub Commit. Credit: Kevin Stubbings...

CVSS 7.5 · AI score 6.9 · EPSS 0.00649
Exploits: 1 · References: 2

Cvelist
added 2022/10/21 12:0 a.m. · 47 views

CVE-2022-23462 Stack Buffer Overflow in iowow

IOWOW is a C utility library and persistent key/value storage engine. Versions 1.4.15 and prior contain a stack buffer overflow vulnerability that allows for Denial of Service (DOS) when it parses scientific notation numbers present in JSON. A patch for this issue is available at commit...

CVSS 6.2 · AI score 7.8 · EPSS 0.00649
Exploits: 1 · References: 2

OSV
added 2022/10/21 12:0 a.m. · 35 views

CVE-2022-23462 Stack Buffer Overflow in iowow

IOWOW is a C utility library and persistent key/value storage engine. Versions 1.4.15 and prior contain a stack buffer overflow vulnerability that allows for Denial of Service (DOS) when it parses scientific notation numbers present in JSON. A patch for this issue is available at commit...

CVSS 6.2 · AI score 7.7 · EPSS 0.00649
Exploits: 1 · References: 4

OSV
added 2019/08/02 12:24 p.m. · 8 views

SUSE-SU-2019:2042-1 Security update for python-Django

This update for python-Django fixes the following issues: - Fixed CVE-2019-6975 (bsc1124991). Added CVE-2019-6975.patch to fix uncontrolled memory consumption. If django.utils.numberformat.format -- used by contrib.admin as well as the floatformat, filesizeformat, and intcomma templates filters -...

CVSS 7.5 · AI score 7.4 · EPSS 0.05399
Exploits: 0 · References: 3

UbuntuCve
added 2018/04/25 5:29 a.m. · 23 views

CVE-2018-10362

An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for the user-provided login password, it is possible to login with a simpler password if the password has the form of a power in scientific notation like...

CVSS 9.8 · AI score 7.2 · EPSS 0.01548
Exploits: 0 · References: 3

Prion
added 2018/04/25 5:29 a.m. · 18 views

Default credentials

An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for the user-provided login password, it is possible to login with a simpler password if the password has the form of a power in scientific notation like...

CVSS 5 · AI score 9.5 · EPSS 0.01548
Exploits: 0 · References: 2 · Affected Software: 1

OSV
added 2018/04/25 5:29 a.m. · 2 views

UBUNTU-CVE-2018-10362

An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for the user-provided login password, it is possible to login with a simpler password if the password has the form of a power in scientific notation like...

CVSS 9.8 · AI score 7.3 · EPSS 0.01548
Exploits: 0 · References: 4

OSV
added 2018/04/25 5:29 a.m. · 2 views

DEBIAN-CVE-2018-10362

An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for the user-provided login password, it is possible to login with a simpler password if the password has the form of a power in scientific notation like...

CVSS 9.8 · AI score 7.1 · EPSS 0.01548
Exploits: 0 · References: 1

Debian CVE
added 2018/04/25 5:0 a.m. · 19 views

CVE-2018-10362

An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for the user-provided login password, it is possible to login with a simpler password if the password has the form of a power in scientific notation like...

CVSS 9.8 · AI score 9.5 · EPSS 0.01548
Exploits: 0

Cvelist
added 2018/04/25 5:0 a.m. · 26 views

CVE-2018-10362

An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for the user-provided login password, it is possible to login with a simpler password if the password has the form of a power in scientific notation like...

AI score 9.5 · EPSS 0.01548
Exploits: 0 · References: 2

Positive Technologies
added 2018/04/25 12:0 a.m. · 3 views

PT-2018-9847 · Phpliteadmin · Phpliteadmin

Name of the Vulnerable Software and Affected Versions: phpLiteAdmin versions 1.9.5 through 1.9.7.1
Description: An issue was discovered due to loose comparison with '==' instead of '===' in the Authorization.php class for user-provided login passwords. This allows an attacker to login with a...

CVSS 9.8 · AI score 9.4 · EPSS 0.01548
Exploits: 0 · References: 8

Veracode
added 2018/04/24 2:31 a.m. · 15 views

Authorization Bypass

phpLiteAdmin is vulnerable to Authorization Bypasses. The application uses the == comparator when validating passwords, allowing a malicious user to bypass the validation by passing in a numerical password in scientific notation e.g. 0e1...

CVSS 9.8 · AI score 9.2 · EPSS 0.01548
Exploits: 0 · References: 4 · Affected Software: 1

F5 Networks
added 2011/02/28 12:0 a.m. · 46 views

SOL12650 - PHP vulnerability CVE-2010-4645

The strtod.c function may allow context-dependent attackers to cause a denial-of-service via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers. Information about this advisory is available at the following location: Note: The previous link...

CVSS 5 · AI score 8.8 · EPSS 0.15103
Exploits: 1

RedHat Linux
added 2011/02/03 7:15 p.m. · 5 views

php: hang on numeric value 2.2250738585072011e-308 with x87 fpu

strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU...

CVSS 5 · AI score 7.4 · EPSS 0.15103
Exploits: 1 · References: 4

UbuntuCve
added 2011/01/11 3:0 a.m. · 33 views

CVE-2010-4645

strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU...

CVSS 5 · AI score 7.2 · EPSS 0.15103
Exploits: 1 · References: 2

Prion
added 2011/01/11 3:0 a.m. · 21 views

Design/Logic Flaw

strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU...

CVSS 5 · AI score 6.8 · EPSS 0.15103
Exploits: 1 · References: 28 · Affected Software: 1

Packet Storm
added 1999/08/17 12:0 a.m. · 27 views

ms-excel-numbers.txt

Date: Thu, 31 Dec 1998 23:02:41 +0100
From: "Tom Rowe"
Subject: Excel bug

I imagine this has been discussed some, but in case it hasn't. If you enter a number, say 123456789999 in Excel and save the file as comma delimited csv I think MS uses it will be saved as 1.234567E+11. Quite a few programs...

AI score 7.4
Exploits: 0