Lucene search
K

42 matches found

OSV
OSV
added 2024/10/08 10:20 p.m.3 views

GHSA-QJRV-V6QP-X99X SurrealDB has an Uncaught Exception Handling Parsing Errors on Empty Strings

The error rendering code from the parser would panic when handling failed parsing of queries where the error occurred when converting an empty string to a SurrealDB value. This would be the case when casting an empty string to a record, duration or datetime, as well as potentially when parsing an...

7.1CVSS7.7AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/07/10 12:0 a.m.5 views

PT-2024-18938 · Npm · Node-Stringbuilder

Name of the Vulnerable Software and Affected Versions: node-stringbuilder versions all Description: The issue arises from incorrect memory length calculation in the node-stringbuilder package, leading to an Out-of-bounds Read. This occurs when methods such as ToBuffer, ToString, or CharAt are...

9.1CVSS7.3AI score0.00822EPSS
Exploits1References13
Veracode
Veracode
added 2024/07/01 9:21 a.m.7 views

Authentication Bypass

TYPO3 is vulnerable to Authentication Bypass. The vulnerability is due to the default authentication service failing to invalidate empty strings as passwords...

7.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2024/01/25 8:35 a.m.4 views

libxml2: Hashing of empty dict strings isn't deterministic

A flaw was found in libxml2. This issue occurs when hashing empty strings which aren't null-terminated, xmlDictComputeFastKey could produce inconsistent results, which may lead to various logic or memory errors, including double free errors...

6.5CVSS7.3AI score0.01013EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/08/15 5:37 p.m.6 views

libxml2: Hashing of empty dict strings isn't deterministic

A flaw was found in libxml2. This issue occurs when hashing empty strings which aren't null-terminated, xmlDictComputeFastKey could produce inconsistent results, which may lead to various logic or memory errors, including double free errors...

6.5CVSS7.3AI score0.01013EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/08/08 8:30 a.m.4 views

libxml2: Hashing of empty dict strings isn't deterministic

A flaw was found in libxml2. This issue occurs when hashing empty strings which aren't null-terminated, xmlDictComputeFastKey could produce inconsistent results, which may lead to various logic or memory errors, including double free errors...

6.5CVSS7.3AI score0.01013EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/08/01 8:55 a.m.4 views

libxml2: Hashing of empty dict strings isn't deterministic

A flaw was found in libxml2. This issue occurs when hashing empty strings which aren't null-terminated, xmlDictComputeFastKey could produce inconsistent results, which may lead to various logic or memory errors, including double free errors...

6.5CVSS7.3AI score0.01013EPSS
Exploits0References4
OSV
OSV
added 2023/04/27 9:31 a.m.5 views

SUSE-SU-2023:2054-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2023-29469: Fixed inconsistent result when hashing empty strings bsc1210412. - CVE-2023-28484: Fixed NULL pointer dereference in xmlSchemaFixupComplexType bsc1210411...

6.5CVSS6.8AI score0.01086EPSS
Exploits1References5
OSV
OSV
added 2023/04/24 9:15 p.m.7 views

AZL-26282 CVE-2023-29469 affecting package libxml2 for versions less than 2.10.4-1

An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to...

6.5CVSS6.8AI score0.01013EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2023/04/11 7:29 p.m.36 views

CVE-2023-29469

A flaw was found in libxml2. This issue occurs when hashing empty strings which aren't null-terminated, xmlDictComputeFastKey could produce inconsistent results, which may lead to various logic or memory errors, including double free errors...

5.9CVSS6.6AI score0.01013EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:15 a.m.4 views

SUSE CVE-2015-6243

The dissector-table implementation in epan/packet.c in Wireshark 1.12.x before 1.12.7 mishandles table searches for empty strings, which allows remote attackers to cause a denial of service application crash via a crafted packet, related to the 1 dissectorgetstringhandle and 2...

4.3CVSS6.7AI score0.02963EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/04/05 12:0 a.m.4 views

Qualcomm 芯片 缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and from time to time are manufactured on the surface of semiconductor wafers. A security vulnerability exists in a number of Qualcomm products,...

9.4CVSS8.2AI score0.00944EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/05/20 3:10 p.m.5 views

OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

4.3CVSS7.3AI score0.03899EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/21 11:39 a.m.5 views

OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

4.3CVSS7.3AI score0.03899EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2019/03/06 12:0 a.m.8 views

The vulnerability of the atol8 function in the libarchive library, which allows a hacker to cause a service failure

The vulnerability of the atol8 function archivereadsupportformatxar.c in the libarchive library is related to errors in processing empty strings, which can lead to buffer overflows. Exploiting this vulnerability could allow a malicious actor to cause service failures...

6.5CVSS6.9AI score0.03341EPSS
Exploits0References3Affected Software2
RedhatCVE
RedhatCVE
added 2017/09/08 2:0 p.m.29 views

CVE-2017-14166

libarchive 3.3.2 allows remote attackers to cause a denial of service xmldata heap-based buffer over-read and application crash via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archivereadsupportformatxar.c...

6.5CVSS5.3AI score0.03341EPSS
Exploits0References1
Prion
Prion
added 2017/09/06 6:29 p.m.17 views

Heap overflow

libarchive 3.3.2 allows remote attackers to cause a denial of service xmldata heap-based buffer over-read and application crash via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archivereadsupportformatxar.c...

4.3CVSS6.2AI score0.03341EPSS
Exploits0References6Affected Software3
OSV
OSV
added 2017/09/06 6:29 p.m.1 views

DEBIAN-CVE-2017-14166

libarchive 3.3.2 allows remote attackers to cause a denial of service xmldata heap-based buffer over-read and application crash via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archivereadsupportformatxar.c...

6.5CVSS6.6AI score0.03341EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/09/06 6:0 p.m.31 views

CVE-2017-14166

libarchive 3.3.2 allows remote attackers to cause a denial of service xmldata heap-based buffer over-read and application crash via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archivereadsupportformatxar.c...

6.7AI score0.03341EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2017/09/06 6:0 p.m.19 views

CVE-2017-14166

libarchive 3.3.2 allows remote attackers to cause a denial of service xmldata heap-based buffer over-read and application crash via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archivereadsupportformatxar.c...

6.5CVSS6.7AI score0.03341EPSS
Exploits0
Rows per page
Query Builder