EUVD-2022-5887

Malicious code in bioql PyPI...

EUVD-2022-6441

Malicious code in bioql PyPI...

OSV-2025-718 Heap-buffer-overflow in pcpp::ArpLayer::toString

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=443832078 Crash type: Heap-buffer-overflow READ 2 Crash state: pcpp::ArpLayer::toString pcpp::Packet::toStringList pcpp::Packet::toString...

Linux Distros Unpatched Vulnerability : CVE-2021-22095

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString method, will create a new String object from the...

Linux Distros Unpatched Vulnerability : CVE-2016-7504

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability was observed in RptoString function of Artifex Software, Inc. MuJS before 5c337af4b3df80cf967e4f9f6a21522de84b392a. A successful...

Malicious code in vinyl-content-tostring (npm)

The package vinyl-content-tostring was found to contain malicious code...

MAL-2025-38410 Malicious code in vinyl-content-tostring (npm)

The package vinyl-content-tostring was found to contain malicious code...

Exposed Dangerous Method or Function

Overview org.webjars.npm:webpack-dev-server is an Uses webpack with a development server that provides live reloading. It should be used for development only. Affected versions of this package are vulnerable to Exposed Dangerous Method or Function via the webpackmodules object. An attacker can...

CVE-2021-22095

In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString method, will create a new String object from the message body, regardless of its size. This can cause an OOM Error with a large message...

PT-2025-30076 · Git +1 · Pcapplusplus

Name of the Vulnerable Software and Affected Versions: cppc affected versions not specified Description: The software contains a heap-buffer-overflow read issue. The crash occurs within the toString function of the TelnetLayer class, triggered through toStringList and toString functions of the...

PT-2025-5343 · Webpack +2 · Webpack +2

Name of the Vulnerable Software and Affected Versions: Nuxt versions 3.0.0 through 3.15.12 Nuxt versions 3.12.2 through 3.152 Description: Source code may be stolen during development when using the webpack or rspack builder and a victim opens a malicious website. Because the request for classic...

Protection Mechanism Failure

Overview twig/twig is a flexible, fast, and secure template language for PHP. Affected versions of this package are vulnerable to Protection Mechanism Failure in a sandbox due to improper object validation in the ensureToStringAllowed function. An attacker can invoke the toString method on an...

DEBIAN-CVE-2024-51754

Twig is a template language for PHP. In a sandbox, an attacker can call toString on an object even if the toString method is not allowed by the security policy when the object is part of an array or an argument list arguments to a function or a filter for instance. This issue has been patched in...

Twig 安全漏洞

Twig is a PHP template engine open-sourced by Twig. Twig has a security vulnerability that stems from the fact that when an object is part of an array or parameter list in a sandbox, an attacker can call the toString method on the object even if the security policy does not allow it...

PT-2024-40582 · Git +1 · Maven-Model

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash was reported, involving the java.base/java.util.Arrays.copyOfRange, java.base/java.lang.StringUTF16.newString, and...

OSV-2024-955 Use-of-uninitialized-value in pcpp::IPv6Address::toString

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42536479 Crash type: Use-of-uninitialized-value Crash state: pcpp::IPv6Address::toString pcpp::NDPNeighborSolicitationLayer::toString pcpp::Packet::toStringList...

OSV-2024-954 Use-of-uninitialized-value in pcpp::MplsLayer::toString

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68950 Crash type: Use-of-uninitialized-value Crash state: pcpp::MplsLayer::toString FuzzTarget.cpp pcpp::RawPacket::RawPacket...

OSV-2024-816 Use-of-uninitialized-value in pcpp::SSLClientHelloMessage::ClientHelloTLSFingerprint::toString

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69006 Crash type: Use-of-uninitialized-value Crash state: pcpp::SSLClientHelloMessage::ClientHelloTLSFingerprint::toString pcpp::SSLClientHelloMessage::ClientHelloTLSFingerprint::toStringAndMD5...

PT-2024-40892 · Git +1 · Pcapplusplus

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 16 crash has been reported. The crash occurs in the pcpp::NDPNeighborAdvertisementLayer::toString function, which is called b...

CVE-2024-21524

All versions of the package node-stringbuilder are vulnerable to Out-of-bounds Read due to incorrect memory length calculation, by calling ToBuffer, ToString, or CharAt on a StringBuilder object with a non-empty string value input. It's possible to return previously allocated memory, for example,...