Lucene search
K

6 matches found

EUVD
EUVD
added 2026/03/23 11:38 p.m.6 views

EUVD-2026-14642

Freeciv21 is a free open source, turn-based, empire-building strategy game. Versions prior to 3.1.1 crash with a stack overflow when receiving specially-crafted packets. A remote attacker can use this to take down any public server. A malicious server can use this to crash the game on the player'...

7.5CVSS5.9AI score0.00821EPSS
Exploits0References4
Snyk
Snyk
added 2026/03/23 6:14 p.m.6 views

Out-of-bounds Read

Overview github.com/shamaton/msgpack/v3/internal/decoding is a None Affected versions of this package are vulnerable to Out-of-bounds Read. due to improper validation of input in the fixext process. An attacker can cause the application to panic and terminate unexpectedly by sending specially...

8.7CVSS5.8AI score
Exploits0References3
Snyk
Snyk
added 2026/03/16 8:27 p.m.9 views

Out-of-bounds Read

Overview github.com/shamaton/msgpack/v3/time is a None Affected versions of this package are vulnerable to Out-of-bounds Read. via the Unmarshal, UnmarshalAsMap, UnmarshalAsArray, and Marshal functions, which invoke Decode. An attacker can cause a panic with truncated fixext data that triggers an...

8.7CVSS6.7AI score0.01036EPSS
Exploits2References3
OSV
OSV
added 2024/02/07 12:30 p.m.6 views

GHSA-C57V-4VG5-CM2X Apache Pulsar SASL Authentication Provider observable timing discrepancy vulnerability

Observable timing discrepancy vulnerability in Apache Pulsar SASL Authentication Provider can allow an attacker to forge a SASL Role Token that will pass signature verification. Users are recommended to upgrade to version 2.11.3, 3.0.2, or 3.1.1 which fixes the issue. Users should also consider...

7.4CVSS5.8AI score0.00763EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2023/10/16 12:0 a.m.3 views

PT-2023-29000 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 3.1.1 stable Discourse versions prior to 3.2.0.beta2 Description: Discourse is an open source platform for community discussion. Attackers with details specific to a poll in a topic can use the "/polls/grouped poll...

3.7CVSS4AI score0.00314EPSS
Exploits0References9
OSV
OSV
added 2022/12/25 9:30 p.m.2 views

GHSA-8GH8-HQWG-XF34 Starcounter-Jack JSON-Patch Prototype Pollution vulnerability

A vulnerability has been found in Starcounter-Jack JSON-Patch up to 3.1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The attack can be initiated remotely...

7.3CVSS4.8AI score0.01083EPSS
Exploits1References9
Rows per page
Query Builder