Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.8 views

RockyLinux 10 : jq (RLSA-2026:19151)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19151 advisory. jq: out-of-bounds read in jvparsesized on error formatting for non-NUL-terminated buffers CVE-2026-39979 jq: jq: Denial of Service via crafted JSON...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/05/18 12:16 p.m.17 views

Important: Red Hat Security Advisory: jq security update

An update for jq is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.7 views

RockyLinux 10 : jq (RLSA-2026:16692)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:16692 advisory. jq: out-of-bounds read in jvparsesized on error formatting for non-NUL-terminated buffers CVE-2026-39979 jq: jq: Denial of Service via crafted JSON...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/02/05 2:8 p.m.8 views

CVE-2020-28593

A unauthenticated backdoor exists in the configuration server functionality of Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...

8.1CVSS7.2AI score0.01875EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2024/08/07 12:0 a.m.17 views

CVE-2024-42005

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. QuerySet.values and valueslist methods on models with a JSONField are subject to SQL injection in column aliases via a crafted JSON object key as a passed arg...

9.8CVSS7.8AI score0.01227EPSS
Exploits0
Prion
Prion
added 2014/12/16 6:59 p.m.18 views

Code injection

The NativeAppServlet in ManageEngine Desktop Central MSP before 90075 allows remote attackers to execute arbitrary code via a crafted JSON object...

10CVSS8.1AI score0.19086EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder