EUVD-2025-33578

Amazon.IonDotnet is vulnerable to Denial of Service attacks...

CVE-2025-11573

An infinite loop issue in Amazon.IonDotnet library versions v1.3.2 may allow a threat actor to cause a denial of service through a specially crafted text input. To mitigate this issue, users should upgrade to version v1.3.2. As of August 20, 2025, this library has been deprecated and will not...

CVE-2025-11573

An infinite loop issue in Amazon.IonDotnet library versions v1.3.2 may allow a threat actor to cause a denial of service through a specially crafted text input. To mitigate this issue, users should upgrade to version v1.3.2. As of August 20, 2025, this library has been deprecated and will not...

CVE-2025-11573

CVE-2025-11573 affects Amazon.IonDotnet library. Versions earlier than 1.3.2 are vulnerable to an infinite loop triggered by specially crafted text input, leading to denial of service. Remediation is to upgrade to 1.3.2 or higher; the library has been deprecated as of 2025-08-20 and will not rece...

CVE-2024-9968

WebEIP v3.0 from NewType does not properly validate user input, allowing remote attackers with regular privilege to inject SQL commands to read, modify, and delete data stored in database. The affected product is no longer maintained. It is recommended to upgrade to the new product...

GHSA-P2Q9-36VW-C468 olm-sys: wrapped library unmaintained, potentially vulnerable

After several cryptographic vulnerabilities in libolm were disclosed publicly, the Matrix Foundation has officially deprecated the library. olm-sys is a thin wrapper around libolm and is now deprecated and potentially vulnerable in kind. Users of olm-sys and its higher-level abstraction, olm-rs,...

ROS-20230124-04

The vulnerability in the Mozilla Firefox browser is due to the fact that a deprecated library libusrsctp contained a vulnerability that could potentially be exploited. vulnerabilities that could potentially be exploited. Exploitation of the vulnerability could allow an attacker acting remotely to...

Internal Property Tampering

Overview taffy is an opensouce library that brings database features into your JavaScript applications. Affected versions of this package are vulnerable to Internal Property Tampering. taffy sets an internal index for each data item in its DB. However, it is found that the internal index can be...

GHSA-57CF-349J-352G Out-of-bounds Read in npmconf

Versions of npmconf before 2.1.3 allocate and write to disk uninitialized memory contents when a typed number is passed as input on Node.js 4.x. Recommendation Update to version 2.1.3 or later. Consider switching to another config storage mechanism, as npmconf is deprecated and should not be used...