Lucene search
K

6 matches found

CNNVD
CNNVD
added 2025/12/02 12:0 a.m.4 views

Axios Systems Assyst 安全漏洞

Axios Systems Assyst is an off-the-shelf application from Axios Systems, UK, for managing IT services without the complexity and overhead associated with ITSM platforms such as ServiceNow and BMC Remedy. Axios Systems Assyst has a security vulnerability that stems from a specially crafted dict ke...

9.8CVSS7.2AI score0.00373EPSS
Exploits0References2
OSV
OSV
added 2024/06/24 5:20 a.m.15 views

SUSE-SU-2024:2173-1 Security update for qpdf

This update for qpdf fixes the following issues: - CVE-2018-9918: Fixed mishandled 'expected dictionary key but found non-name object' cases that could have allowed attackers to cause a denial of service. bsc1089090...

7.8CVSS7.2AI score0.01717EPSS
Exploits1References3
OSV
OSV
added 2024/02/14 2:58 a.m.5 views

USN-6629-2 ujson vulnerability

USN-6629-1 fixed vulnerabilities in UltraJSON. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash...

5.5CVSS7.5AI score0.0155EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2023/08/01 8:55 a.m.4 views

libxml2: Hashing of empty dict strings isn't deterministic

A flaw was found in libxml2. This issue occurs when hashing empty strings which aren't null-terminated, xmlDictComputeFastKey could produce inconsistent results, which may lead to various logic or memory errors, including double free errors...

6.5CVSS7.3AI score0.01013EPSS
Exploits0References4
CNVD
CNVD
added 2018/06/15 12:0 a.m.1 views

i18next cross-site scripting vulnerability (CNVD-2018-14353)

i18next is a translation loading framework written in JavaScript. A cross-site scripting vulnerability exists in i18next 1.10.2 and earlier versions. A remote attacker can exploit this vulnerability by injecting script into the browser with the help of dictionary key names...

6.1CVSS5.9AI score0.00863EPSS
Exploits1References1
NVD
NVD
added 2018/04/10 6:29 p.m.14 views

CVE-2018-9918

libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name object" cases, allowing remote attackers to cause a denial of service stack exhaustion, related to the QPDFObjectHandle and QPDFDictionary classes, because nesting in direct objects is not restricted...

7.8CVSS7.4AI score0.01717EPSS
Exploits1References3
Rows per page
Query Builder