207 matches found
CVE-2026-32285 Denial of service in github.com/buger/jsonparser
The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack...
CVE-2026-32285
The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack...
github.com/buger/jsonparser has a denial of service vulnerability
The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack...
GHSA-6G7G-W4F8-9C9X github.com/buger/jsonparser has a denial of service vulnerability
The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack...
Uncaught Exception
Overview github.com/buger/jsonparser is an Alternative JSON parser for Go. Affected versions of this package are vulnerable to Uncaught Exception via the Delete function when processing malformed JSON input. An attacker can cause a runtime panic and disrupt service availability by submitting...
GO-2026-4514 Denial of service in github.com/buger/jsonparser
The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack...
PT-2026-28436
Name of the Vulnerable Software and Affected Versions versions prior to 2026 Description The Delete function does not correctly validate offsets when processing malformed JSON input. This can result in a negative slice index and a runtime panic, potentially leading to a denial of service attack...
PT-2026-23928
Name of the Vulnerable Software and Affected Versions code-projects Simple Flight Ticket Booking System version 1.0 Description A security flaw exists in code-projects Simple Flight Ticket Booking System version 1.0. The issue involves SQL injection, potentially allowing remote attackers to explo...
CVE-2026-2669 Rongzhitong Visual Integrated Command and Dispatch Platform User delete access control
A vulnerability was determined in Rongzhitong Visual Integrated Command and Dispatch Platform up to 20260206. This impacts an unknown function of the file /dm/dispatch/user/delete of the component User Handler. This manipulation of the argument ID causes improper access controls. Remote...
CVE-2026-2669 Rongzhitong Visual Integrated Command and Dispatch Platform User delete access control
A vulnerability was determined in Rongzhitong Visual Integrated Command and Dispatch Platform up to 20260206. This impacts an unknown function of the file /dm/dispatch/user/delete of the component User Handler. This manipulation of the argument ID causes improper access controls. Remote...
CVE-2026-2551
A vulnerability was determined in ZenTao up to 21.7.8. Affected by this vulnerability is the function delete of the file editor/control.php of the component Backup Handler. This manipulation of the argument fileName causes path traversal. It is possible to initiate the attack remotely. The exploi...
CVE-2026-2552
A vulnerability was identified in ZenTao up to 21.7.8. Affected by this issue is the function delete of the file editor/control.php of the component Committer. Such manipulation of the argument filePath leads to path traversal. Upgrading to version 21.7.9 can resolve this issue. The affected...
EUVD-2026-6093
A vulnerability was identified in ZenTao up to 21.7.8. Affected by this issue is the function delete of the file editor/control.php of the component Committer. Such manipulation of the argument filePath leads to path traversal. Upgrading to version 21.7.9 can resolve this issue. The affected...
EUVD-2026-6094
A vulnerability was determined in ZenTao up to 21.7.8. Affected by this vulnerability is the function delete of the file editor/control.php of the component Backup Handler. This manipulation of the argument fileName causes path traversal. It is possible to initiate the attack remotely. The exploi...
CVE-2026-2551
A vulnerability was determined in ZenTao up to 21.7.8. Affected by this vulnerability is the function delete of the file editor/control.php of the component Backup Handler. This manipulation of the argument fileName causes path traversal. It is possible to initiate the attack remotely. The exploi...
CVE-2026-2552
A vulnerability was identified in ZenTao up to 21.7.8. Affected by this issue is the function delete of the file editor/control.php of the component Committer. Such manipulation of the argument filePath leads to path traversal. Upgrading to version 21.7.9 can resolve this issue. The affected...
CVE-2026-2551 ZenTao Backup control.php delete path traversal
A vulnerability was determined in ZenTao up to 21.7.8. Affected by this vulnerability is the function delete of the file editor/control.php of the component Backup Handler. This manipulation of the argument fileName causes path traversal. It is possible to initiate the attack remotely. The exploi...
CVE-2026-2551 ZenTao Backup control.php delete path traversal
A vulnerability was determined in ZenTao up to 21.7.8. Affected by this vulnerability is the function delete of the file editor/control.php of the component Backup Handler. This manipulation of the argument fileName causes path traversal. It is possible to initiate the attack remotely. The exploi...
CVE-2026-2551
A vulnerability was determined in ZenTao up to 21.7.8. Affected by this vulnerability is the function delete of the file editor/control.php of the component Backup Handler. This manipulation of the argument fileName causes path traversal. It is possible to initiate the attack remotely. The exploi...
CVE-2026-2551
CVE-2026-2551 affects ZenTao up to version 21.7.8. The vulnerability resides in the Backup Handler component, specifically the delete function in editor/control.php, where manipulating the fileName argument enables path traversal. This can be triggered remotely; exploitation has been publicly dis...