Lucene search
+L

92 matches found

OSV
OSV
added 2025/12/29 11:15 p.m.5 views

UBUNTU-CVE-2025-15284

Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation a=1&a=2, only for indexed notation a0=1. This is a consistency bug; arrayLimit should apply uniformly across a...

6.3CVSS6.5AI score0.0041EPSS
Exploits1References5
OSV
OSV
added 2025/12/29 10:56 p.m.7 views

CVE-2025-15284 arrayLimit bypass in bracket notation allows DoS via memory exhaustion

Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation a=1&a=2, only for indexed notation a0=1. This is a consistency bug; arrayLimit should apply uniformly across a...

6.3CVSS6.7AI score0.0041EPSS
Exploits1References6
CVE
CVE
added 2025/11/13 12:0 a.m.19 views

CVE-2025-60686

ToToLink routers (A720R V4.1.5cu.614_B20230630; LR1200GB V9.1.0u.6619_B20230130; NR1800X V9.1.0u.6681_B20230703) contain a local stack-based buffer overflow in infostat.cgi and cstecgi.cgi. Both binaries parse /proc/net/arp using sscanf() with the %s specifier into fixed-size stack buffers withou...

5.1CVSS7.5AI score0.00215EPSS
Exploits1References2Affected Software1
RedHat Linux
RedHat Linux
added 2025/11/11 3:5 p.m.6 views

rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters

An unsafe default behavior in Rack::QueryParser allows bypass of the paramslimit parameter count restriction when query string parameters are delimited by semicolons ; rather than ampersands &. The parser counts only & when enforcing the limit, while still splitting on both & and ;. As a result, ...

7.5CVSS6.9AI score0.00535EPSS
Exploits0References6
Snyk
Snyk
added 2025/10/16 4:40 p.m.5 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the jsbigintfromstring function when parsing strings with an excessively large number of digits. An attacker can cause a heap out-of-bounds write by supplying a crafted string input that triggers an...

8.8CVSS5.9AI score0.00447EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/10/16 3:52 p.m.11 views

CVE-2025-62496 Integer overflow in js_bigint_from_string in QuickJS

A vulnerability exists in the QuickJS engine's BigInt string parsing logic jsbigintfromstring when attempting to create a BigInt from a string with an excessively large number of digits. The function calculates the necessary number of bits nbits required to store the BigInt using the formula:...

7.1CVSS0.00447EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2016-10657

Malware in sbrugna...

9.8CVSS9.2AI score0.02267EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-4622

Malware in sbrugna...

7.5CVSS7.5AI score0.01541EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2000-0794

Malware in sbrugna...

10CVSS6.4AI score0.03212EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-3324

Malware in sbrugna...

7.5CVSS7.6AI score0.05333EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-2608

Malicious code in bioql PyPI...

8.6CVSS7.4AI score0.00694EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.12 views

EUVD-2025-15914

Malicious code in bioql PyPI...

7.3AI score0.00202EPSS
Exploits0References9
Snyk
Snyk
added 2025/08/26 5:20 p.m.6 views

Use of Externally-Controlled Format String

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

8.8CVSS7.7AI score0.04065EPSS
Exploits1References2
Snyk
Snyk
added 2025/08/26 5:20 p.m.7 views

Use of Externally-Controlled Format String

Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.8CVSS7.7AI score0.04065EPSS
Exploits1References2
OSV
OSV
added 2025/05/20 4:15 p.m.2 views

DEBIAN-CVE-2025-37927

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential buffer overflow in parseivrsacpihid There is a string parsing logic error which can lead to an overflow of hid or uid buffers. Comparing ACPIIDLEN against a total string length doesn't take into account t...

7.8CVSS6.2AI score0.00202EPSS
Exploits0References1
NVD
NVD
added 2025/05/20 4:15 p.m.23 views

CVE-2025-37927

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential buffer overflow in parseivrsacpihid There is a string parsing logic error which can lead to an overflow of hid or uid buffers. Comparing ACPIIDLEN against a total string length doesn't take into account t...

7.8CVSS0.00202EPSS
Exploits0References10
OSV
OSV
added 2025/05/20 4:15 p.m.2 views

UBUNTU-CVE-2025-37927

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential buffer overflow in parseivrsacpihid There is a string parsing logic error which can lead to an overflow of hid or uid buffers. Comparing ACPIIDLEN against a total string length doesn't take into account t...

7.8CVSS6.7AI score0.00202EPSS
Exploits0References41
Cvelist
Cvelist
added 2025/05/20 3:21 p.m.27 views

CVE-2025-37927 iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential buffer overflow in parseivrsacpihid There is a string parsing logic error which can lead to an overflow of hid or uid buffers. Comparing ACPIIDLEN against a total string length doesn't take into account t...

0.00202EPSS
Exploits0References8
OSV
OSV
added 2025/05/20 3:21 p.m.15 views

CVE-2025-37927 iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential buffer overflow in parseivrsacpihid There is a string parsing logic error which can lead to an overflow of hid or uid buffers. Comparing ACPIIDLEN against a total string length doesn't take into account t...

7.8CVSS6.4AI score0.00202EPSS
Exploits0References13
CVE
CVE
added 2025/05/20 3:21 p.m.104 views

CVE-2025-37927

CVE-2025-37927 affects the Linux kernel’s iommu/amd subsystem (parse_ivrs_acpihid). A string parsing logic error could cause a buffer overflow in HID or UID buffers when combining strings, because ACPIID_LEN is compared to the total length rather than the lengths of the individual HID and UID buf...

7.8CVSS7AI score0.00202EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder