421 matches found
CVE-2016-10749
parsestring in cJSON.c in cJSON before 2016-10-02 has a buffer over-read, as demonstrated by a string that begins with a " character and ends with a \ character...
CVE-2016-10749
parsestring in cJSON.c in cJSON before 2016-10-02 has a buffer over-read, as demonstrated by a string that begins with a " character and ends with a \ character...
PT-2019-7545 · Cjson · Cjson
Name of the Vulnerable Software and Affected Versions: cJSON versions prior to 2016-10-02 Description: The issue is related to a buffer over-read in the parse string function in cJSON.c. This occurs when processing a string that starts with a " character and ends with a character. Recommendations...
CVE-2018-20579
Contiki-NG before 4.2 has a stack-based buffer overflow in the push function in os/lib/json/jsonparse.c that allows an out-of-bounds write of an '' or '' character...
Dave Gamble cJSON Double Release Vulnerability
Dave Gamble cJSON is a lightweight JSON format parser . A double-release vulnerability exists in the Dave Gamble cJSON 1.7.2 and earlier versions of the cJSON library. An attacker can exploit this vulnerability to cause a denial of service crash or remote code execution...
Dave Gamble cJSON Denial of Service Vulnerability
Dave Gamble cJSON is a lightweight JSON format parser . A security vulnerability exists in the cJSON library in Dave Gamble cJSON 1.7.6 and earlier versions. An attacker can exploit this vulnerability to cause a denial of service memory leak...
AZL-41919 CVE-2018-1000215 affecting package libglvnd for versions less than 1.7.0-2
Dave Gamble cJSON version 1.7.6 and earlier contains a CWE-772 vulnerability in cJSON library that can result in Denial of Service DoS. This attack appear to be exploitable via If the attacker can force the data to be printed and the system is in low memory it can force a leak of memory. This...
CVE-2018-1000215
Dave Gamble cJSON version 1.7.6 and earlier contains a CWE-772 vulnerability in cJSON library that can result in Denial of Service DoS. This attack appear to be exploitable via If the attacker can force the data to be printed and the system is in low memory it can force a leak of memory. This...
Design/Logic Flaw
Dave Gamble cJSON version 1.7.6 and earlier contains a CWE-772 vulnerability in cJSON library that can result in Denial of Service DoS. This attack appear to be exploitable via If the attacker can force the data to be printed and the system is in low memory it can force a leak of memory. This...
CVE-2018-1000216
Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in cJSON library that can result in Possible crash or RCE. This attack appear to be exploitable via Attacker must be able to force victim to print JSON data, depending on how cJSON library is used this could...
UBUNTU-CVE-2018-1000215
Dave Gamble cJSON version 1.7.6 and earlier contains a CWE-772 vulnerability in cJSON library that can result in Denial of Service DoS. This attack appear to be exploitable via If the attacker can force the data to be printed and the system is in low memory it can force a leak of memory. This...
CVE-2018-1000216
Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in cJSON library that can result in Possible crash or RCE. This attack appear to be exploitable via Attacker must be able to force victim to print JSON data, depending on how cJSON library is used this could...
DEBIAN-CVE-2018-1000215
Dave Gamble cJSON version 1.7.6 and earlier contains a CWE-772 vulnerability in cJSON library that can result in Denial of Service DoS. This attack appear to be exploitable via If the attacker can force the data to be printed and the system is in low memory it can force a leak of memory. This...
Double free
Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in cJSON library that can result in Possible crash or RCE. This attack appear to be exploitable via Attacker must be able to force victim to print JSON data, depending on how cJSON library is used this could...
CVE-2018-1000216
Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in cJSON library that can result in Possible crash or RCE. This attack appear to be exploitable via Attacker must be able to force victim to print JSON data, depending on how cJSON library is used this could...
CVE-2018-1000217
Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use After Free vulnerability in cJSON library that can result in Possible crash, corruption of data or even RCE. This attack appear to be exploitable via Depends on how application uses cJSON library. If application provides network...
AZL-41629 CVE-2018-1000217 affecting package libglvnd for versions less than 1.7.0-2
Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use After Free vulnerability in cJSON library that can result in Possible crash, corruption of data or even RCE. This attack appear to be exploitable via Depends on how application uses cJSON library. If application provides network...
Design/Logic Flaw
Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use After Free vulnerability in cJSON library that can result in Possible crash, corruption of data or even RCE. This attack appear to be exploitable via Depends on how application uses cJSON library. If application provides network...
CVE-2018-1000217
Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use After Free vulnerability in cJSON library that can result in Possible crash, corruption of data or even RCE. This attack appear to be exploitable via Depends on how application uses cJSON library. If application provides network...
CVE-2018-1000217
Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use After Free vulnerability in cJSON library that can result in Possible crash, corruption of data or even RCE. This attack appear to be exploitable via Depends on how application uses cJSON library. If application provides network...