Lucene search
K

430 matches found

Nuclei
Nuclei
added 2 days ago80 views

Razer Sila Gaming Router - Remote Code Execution

A command injection in the command parameter of Razer Sila Gaming Router v2.0.441api-2.0.418 allows attackers to execute arbitrary commands via a crafted POST request. id: CVE-2022-29013 info: name: Razer Sila Gaming Router - Remote Code Execution author: DhiyaneshDK severity: critical descriptio...

9.8CVSS7.2AI score0.77136EPSS
Exploits1References2
Fedora
Fedora
added 4 days ago6 views

[SECURITY] Fedora 44 Update: cjson-1.7.19-1.fc44

cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file...

9.8CVSS6.1AI score0.00693EPSS
Exploits2
EUVD
EUVD
added 2026/06/25 9:31 a.m.6 views

EUVD-2026-39332

Redis Lua HEAP overflow in cjson library vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.0.4 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue...

10CVSS5.9AI score0.00395EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-46752

Redis Lua HEAP overflow in cjson library vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.0.4 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue...

10CVSS0.00395EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 8:0 a.m.33 views

CVE-2026-46752 Apache Kvrocks: Stack buffer overflow in Lua bit.tohex()

Redis Lua HEAP overflow in cjson library vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.0.4 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue...

10CVSS0.00395EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 8:0 a.m.16 views

CVE-2026-46752

CVE-2026-46752 describes a Redis Lua HEAP overflow in the cjson library used by Apache Kvrocks. Affected versions are Kvrocks 2.0.4 through 2.15.0. The issue’s root cause is a heap overflow in Lua-related handling within cjson, leading to a high-severity impact. Kvrocks users should upgrade to ve...

10CVSS5.9AI score0.00395EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 4:5 p.m.39 views

CVE-2026-49847 FreeSWITCH: Stack overflow in bundled cJSON parser via deeply nested JSON

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, a single unauthenticated WebSocket frame containing a deeply nested JSON document crashes...

7.5CVSS0.00414EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/25 12:0 a.m.26 views

FuzzPilot: Plateau-Triggered Recipe Validation for Structured Text Fuzzing

FuzzPilot is a controller for AFL++ that moves expensive reasoning out of the mutation hot path. When coverage plateaus, it snapshots the corpus, prepares candidate mutation recipes, evaluates them in short isolated AFL++ micro-campaigns, and promotes only recipes with positive validation reward...

5.8AI score
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in cjson

It has been discovered that cJSON v1.7.16 contains a segmentation violation due to the use of the cJSONSetValuestring function in the cJSON.c file...

7.5CVSS6AI score0.00961EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Redis

Redis is an in-memory database that persists data on disk. A specially crafted Lua script executed in Redis can trigger a heap overflow in the cjson library, leading to heap corruption and potentially remote code execution. This issue exists in all versions of Redis that support Lua scripting,...

8.8CVSS6.9AI score0.41409EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in cjson

It has been discovered that cJSON v1.7.16 contains a segmentation violation due to the use of the cJSONInsertItemInArray function in the cJSON.c library...

7.5CVSS6.3AI score0.01508EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2026/04/15 12:0 a.m.9 views

Ubuntu: Security Advisory (USN-8169-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.9CVSS6.9AI score0.86767EPSS
Exploits16References2
OSV
OSV
added 2026/04/13 1:18 p.m.6 views

USN-8169-1 redis, lua5.1, lua-cjson, lua-bitop vulnerabilities

It was discovered that Redis incorrectly handled certain specially crafted Lua scripts. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue was only addressed in lua5.1 on Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2025-49844 It was...

9.9CVSS7.4AI score0.86767EPSS
Exploits16References4
NVD
NVD
added 2026/04/02 6:16 p.m.17 views

CVE-2026-34608

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to version 0.24.10, in NanoMQ's webhookinproc.c, the hookworkcb function processes nng messages by parsing the message body with cJSONParsebody. The body is obtained from nngmsgbodymsg, which is a binary buffer without a...

8.2CVSS0.00359EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/04/02 5:52 p.m.1 views

CVE-2026-34608

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to version 0.24.10, in NanoMQ's webhookinproc.c, the hookworkcb function processes nng messages by parsing the message body with cJSONParsebody. The body is obtained from nngmsgbodymsg, which is a binary buffer without a...

4.9CVSS5.9AI score0.00359EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/04/02 5:52 p.m.20 views

CVE-2026-34608 nanomq: Heap-Buffer-Overflow in webhook_inproc.c via cJSON_Parse OOB Read

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to version 0.24.10, in NanoMQ's webhookinproc.c, the hookworkcb function processes nng messages by parsing the message body with cJSONParsebody. The body is obtained from nngmsgbodymsg, which is a binary buffer without a...

4.9CVSS0.00359EPSS
Exploits1References3
OSV
OSV
added 2026/04/02 5:52 p.m.5 views

CVE-2026-34608 nanomq: Heap-Buffer-Overflow in webhook_inproc.c via cJSON_Parse OOB Read

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to version 0.24.10, in NanoMQ's webhookinproc.c, the hookworkcb function processes nng messages by parsing the message body with cJSONParsebody. The body is obtained from nngmsgbodymsg, which is a binary buffer without a...

4.9CVSS6.1AI score0.00359EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.18 views

PT-2026-29862

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to version 0.24.10, in NanoMQ's webhook inproc.c, the hook work cb function processes nng messages by parsing the message body with cJSON Parsebody. The body is obtained from nng msg bodymsg, which is a binary buffer withou...

4.9CVSS5.9AI score0.00359EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.9 views

NanoMQ 安全漏洞

NanoMQ is an open-source IoT edge platform broker developed by EMQ in the United States. There is a security vulnerability in NanoMQ, which stems from the use of the hookworkcb function to parse message bodies using cJSONParse. This leads to out-of-bounds read access to unallocated memory...

8.2CVSS5.8AI score0.00359EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/03/26 3:6 p.m.5 views

CVE-2026-4743

NULL Pointer Dereference vulnerability in taurusxin ncmdump ‎src/utils‎ modules. This vulnerability is associated with program files cJSON.Cpp‎. This issue affects ncmdump: before 1.4.0...

6.7CVSS5.8AI score0.00117EPSS
Exploits0References1
Rows per page
Query Builder