Lucene search
+L

32 matches found

CVE
CVE
added 2022/12/08 9:19 p.m.110 views

CVE-2022-23496

Vulnerability summary (CVE-2022-23496, Yauaa) : The Java library Yauaa can crash when using the Client Hints analysis feature introduced with version 7.0.0 due to an ArrayIndexOutOfBoundsException. This affects applications that enable Client Hints analysis; those not using this feature are not a...

7.5CVSS7.4AI score0.00738EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/12/08 9:19 p.m.59 views

CVE-2022-23496 A crafted list can trigger a ArrayIndexOutOfBoundsException in Yauaa

Yet Another UserAgent Analyzer Yauaa is a java library that tries to parse and analyze the useragent string and extract as many relevant attributes as possible. Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an...

7.5CVSS7.7AI score0.00738EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/12/08 9:19 p.m.4 views

CVE-2022-23496 A crafted list can trigger a ArrayIndexOutOfBoundsException in Yauaa

Yet Another UserAgent Analyzer Yauaa is a java library that tries to parse and analyze the useragent string and extract as many relevant attributes as possible. Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an...

7.5CVSS7.5AI score0.00738EPSS
Exploits0References2
OSV
OSV
added 2022/12/08 9:19 p.m.35 views

CVE-2022-23496 A crafted list can trigger a ArrayIndexOutOfBoundsException in Yauaa

Yet Another UserAgent Analyzer Yauaa is a java library that tries to parse and analyze the useragent string and extract as many relevant attributes as possible. Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an...

7.5CVSS7.5AI score0.00738EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/12/08 3:52 p.m.46 views

Yauaa vulnerable to ArrayIndexOutOfBoundsException triggered by a crafted Sec-Ch-Ua-Full-Version-List

Impact Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an ArrayIndexOutOfBoundsException. Applications that do not use this feature are not affected. Patches Upgrade to 7.9.0 Workarounds Catch and discard any exceptions from...

7.5CVSS2.2AI score0.00738EPSS
Exploits0References4Affected Software12
OSV
OSV
added 2022/12/08 3:52 p.m.51 views

GHSA-C4PM-63CG-9J7H Yauaa vulnerable to ArrayIndexOutOfBoundsException triggered by a crafted Sec-Ch-Ua-Full-Version-List

Impact Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an ArrayIndexOutOfBoundsException. Applications that do not use this feature are not affected. Patches Upgrade to 7.9.0 Workarounds Catch and discard any exceptions from...

8.6CVSS7.4AI score0.00738EPSS
Exploits0References4
Veracode
Veracode
added 2021/06/02 3:40 a.m.32 views

Denial Of Service (DoS)

json-smart is vulnerable to denial of service DoS. An unhandled ArrayIndexOutOfBoundsException thrown from the indexOf function of JSONParserByteArray allows a remote attacker to crash the program or leak confidential information...

7.5CVSS5.1AI score0.023EPSS
Exploits1References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/03/21 12:0 a.m.159 views

SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2018:0665-1)

This update for java-180-ibm fixes the following issues : - Removed java-180-ibm-alsa and java-180-ibm-plugin entries in baselibs.conf due to errors in osc sourcevalidator Version update to 8.0.5.10 bsc1082810 - Security fixes: CVE-2018-2639 CVE-2018-2638 CVE-2018-2633 CVE-2018-2637 CVE-2018-2634...

8.3CVSS6.3AI score0.06905EPSS
Exploits0References37
Prion
Prion
added 2016/10/31 10:59 a.m.14 views

Design/Logic Flaw

On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung's implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually...

7.8CVSS6.8AI score0.00604EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2016/10/31 10:0 a.m.44 views

CVE-2016-7989

CVE-2016-7989 affects Samsung Galaxy S4–S7. A malformed OTA WAP PUSH SMS containing an OMACP message triggers an unhandled ArrayIndexOutOfBoundsException in Samsung’s WifiServiceImpl (wifi-service.jar), causing the Android runtime to crash repeatedly and render the device unusable until a factory...

7.8CVSS7.1AI score0.00604EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2009/10/14 10:30 a.m.19 views

Design/Logic Flaw

The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service application restart and network disconnection via an SMS message containing a malformed WAP Push message that triggers an ArrayIndexOutOfBoundsException exception, possibly a related issue to...

4.3CVSS6.9AI score0.01498EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2009/10/14 10:0 a.m.35 views

CVE-2009-2999

The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service application restart and network disconnection via an SMS message containing a malformed WAP Push message that triggers an ArrayIndexOutOfBoundsException exception, possibly a related issue to...

6.6AI score0.01498EPSS
Exploits0References5
Rows per page
Query Builder