2423 matches found
Denial Of Service (DoS)
Node.js is vulnerable to Denial of Service DoS. The vulnerability is due to improper error handling when asynchooks.createHook is enabled, where "Maximum call stack size exceeded" errors become uncatchable and terminate the process instead of reaching uncaughtException, allowing attackers to...
CVE-2026-32933
AutoMapper is a convention-based object-object mapper in .NET. Versions prior to 15.1.1 and 16.1.1 are vulnerable to a Denial of Service DoS attack. When mapping deeply nested object graphs, the library uses recursive method calls without enforcing a default maximum depth limit. This allows an...
CVE-2026-32933 AutoMapper Vulnerable to Denial of Service (DoS) via Uncontrolled Recursion
AutoMapper is a convention-based object-object mapper in .NET. Versions prior to 15.1.1 and 16.1.1 are vulnerable to a Denial of Service DoS attack. When mapping deeply nested object graphs, the library uses recursive method calls without enforcing a default maximum depth limit. This allows an...
CVE-2026-32933 AutoMapper Vulnerable to Denial of Service (DoS) via Uncontrolled Recursion
AutoMapper is a convention-based object-object mapper in .NET. Versions prior to 15.1.1 and 16.1.1 are vulnerable to a Denial of Service DoS attack. When mapping deeply nested object graphs, the library uses recursive method calls without enforcing a default maximum depth limit. This allows an...
CVE-2026-32933
AutoMapper (a .NET object-object mapper) is vulnerable in versions prior to 15.1.1 and 16.1.1 to a Denial of Service via uncontrolled recursion during deep object graph mapping, which can exhaust thread stack memory and trigger a StackOverflowException, terminating the process. The issue is mitig...
CVE-2026-32933 AutoMapper Vulnerable to Denial of Service (DoS) via Uncontrolled Recursion
AutoMapper is a convention-based object-object mapper in .NET. Versions prior to 15.1.1 and 16.1.1 are vulnerable to a Denial of Service DoS attack. When mapping deeply nested object graphs, the library uses recursive method calls without enforcing a default maximum depth limit. This allows an...
CVE-2006-10003
A flaw was found in XML::Parser, a Perl module for parsing XML. This vulnerability, an off-by-one heap buffer overflow, occurs when processing an XML file with very deep element nesting. A remote attacker could exploit this by providing a specially crafted XML file, potentially leading to memory...
EUVD-2006-7234
XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in stserialstack. In the case stackptr == stacksize - 1, the stack will NOT be expanded. Then the new value will be written at location ++stackptr, which equals stacksize and therefore falls just outside the allocat...
CVE-2006-10003
XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in stserialstack. In the case stackptr == stacksize - 1, the stack will NOT be expanded. Then the new value will be written at location ++stackptr, which equals stacksize and therefore falls just outside the allocat...
UBUNTU-CVE-2006-10003
XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in stserialstack. In the case stackptr == stacksize - 1, the stack will NOT be expanded. Then the new value will be written at location ++stackptr, which equals stacksize and therefore falls just outside the allocat...
CVE-2006-10003 XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack
XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in stserialstack. In the case stackptr == stacksize - 1, the stack will NOT be expanded. Then the new value will be written at location ++stackptr, which equals stacksize and therefore falls just outside the allocat...
CVE-2006-10003 XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack
XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in stserialstack. In the case stackptr == stacksize - 1, the stack will NOT be expanded. Then the new value will be written at location ++stackptr, which equals stacksize and therefore falls just outside the allocat...
CVE-2006-10003
XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in stserialstack. In the case stackptr == stacksize - 1, the stack will NOT be expanded. Then the new value will be written at location ++stackptr, which equals stacksize and therefore falls just outside the allocat...
CVE-2006-10003
XML::Parser for Perl versions through 2.47 contains an off-by-one heap buffer overflow in st_serial_stack. When stackptr == stacksize - 1, the stack should not expand, yet the code writes to (++stackptr) which equals stacksize, falling outside the allocated buffer and enabling memory corruption u...
CVE-2006-10003
XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in stserialstack. In the case stackptr == stacksize - 1, the stack will NOT be expanded. Then the new value will be written at location ++stackptr, which equals stacksize and therefore falls just outside the allocat...
XML::Parser 安全漏洞
XML::Parser is an open-source XML document parsing module written in Perl by CPAN authors. Versions of XML::Parser 2.47 and earlier contained security vulnerabilities. These vulnerabilities were caused by a buffer overflow in stserialstack, which could lead to writing beyond the allocated buffer...
Linux Distros Unpatched Vulnerability : CVE-2006-10003
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in stserialstack. In the case stackptr == stacksize - 1, the stack will NOT be...
CVE-2026-32878
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.20 and 8.6.44, an attacker can bypass the default request keyword denylist protection and the class-level permission for adding fields by sending a crafted request that...
CVE-2026-32878
Parse Server is vulnerable to prototype pollution in its deep copy path prior to versions 9.6.0-alpha.20 and 8.6.44. An attacker can bypass the default denylist and class-level field-adding permissions by crafting a request, allowing injection of fields into locked schemas and causing permanent s...
CVE-2026-32878 Parse Server vulnerable to schema poisoning via prototype pollution in deep copy
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.20 and 8.6.44, an attacker can bypass the default request keyword denylist protection and the class-level permission for adding fields by sending a crafted request that...