411 matches found
PT-2024-40574 · Poco · Poco
Name of the Vulnerable Software and Affected Versions: Poco (affected versions not specified). Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the Poco::Dynamic::Var destructor and is associated with the Poco::JSON::Object::doStringify...
CVE-2024-34740
In attributeBytesBase64 and attributeBytesHex of BinaryXmlSerializer.java, there is a possible arbitrary XML injection due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
The vulnerability of the `JsonSerializer.DeserializeAsyncEnumerable` method in the System.Text.Json library of the Microsoft .NET software platform and the Microsoft Visual Studio development tools allows an attacker to cause a service failure.
The vulnerability of the JsonSerializer.DeserializeAsyncEnumerable method in the System.Text.Json library of the Microsoft .NET software platform and the Microsoft Visual Studio development tools is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a...
Denial of Service (DoS)
Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) when using .NET's JsonSerializer.DeserializeAsyncEnumerable function on untrusted input. Details: Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and...
Prototype Pollution
@cat5th/key-serializer is vulnerable to Prototype Pollution. The vulnerability is due to passing crafted arguments with the `__proto__` property using functions like query, set, default.query, and default.set. The vulnerability allows attackers to alter the behavior of all objects inheriting from the...
GHSA-WHPX-G542-7C7V @cat5th/key-serializer Prototype Pollution vulnerability
harvey-woo cat5th/key-serializer v0.2.5 was discovered to contain a prototype pollution via the function "query". This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties...
@cat5th/key-serializer Prototype Pollution vulnerability
harvey-woo cat5th/key-serializer v0.2.5 was discovered to contain a prototype pollution via the function "query". This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties...
CVE-2024-39018
harvey-woo cat5th/key-serializer v0.2.5 was discovered to contain a prototype pollution via the function "query". This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties...
CVE-2024-39018
harvey-woo cat5th/key-serializer v0.2.5 was discovered to contain a prototype pollution via the function "query". This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties...
key-serializer security vulnerability
key-serializer is a library by individual developer Harvey Woo. It is used to serialize keys and query keys deep within objects. A security vulnerability exists in key-serializer version 0.2.5, which stems from a function containing prototype pollution that allows an attacker to execute arbitra...
CVE-2024-39018
harvey-woo cat5th/key-serializer v0.2.5 was discovered to contain a prototype pollution via the function "query". This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties...
CVE-2024-39018
CVE-2024-39018 affects harvey-woo cat5th/key-serializer v0.2.5. The root cause is a prototype pollution flaw in the query function, enabling attackers to inject properties and potentially execute arbitrary code or cause a Denial of Service. Multiple sources (NVD, Red Hat, Veracode, GHSA, osv, CVE...
Malicious code in adequate-serializer (RubyGems)
MAL-2024-6513 Malicious code in adequate-serializer (RubyGems)
Malicious code in activerecord-msgpack-serializer (RubyGems)
MAL-2024-6471 Malicious code in activerecord-msgpack-serializer (RubyGems)
MAL-2024-6441 Malicious code in active-serializer (RubyGems)
Malicious code in active-serializer (RubyGems)
Malicious code in active-model_serializer_plus (RubyGems)
Malicious code in message-serializer (PyPI)