240 matches found
Important: Red Hat Security Advisory: ruby4.0 security update
An update for ruby4.0 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Important: ruby:4.0 security update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby/json: Ruby JSON: Denial of Service or Information Disclosure via format string injection CVE-2026-33210 erb: ERB: Arbitrary...
Fedora 42 : coturn (2026-dfa8ea5809)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-dfa8ea5809 advisory. Coturn 4.11.0 - Fix prometheus response memory leak introduced in 4.10.0 - Use constant-time compare for STUN MESSAGE-INTEGRITY HMAC - Fix format-string...
Astra Linux - уязвимость в ghostscript
Artifex Ghostscript prior to version 10.03.1 allows for memory corruption, and enables SAFER sandbox bypass, through format string injection using a uniprint device...
CVE-2026-6539
Notepad++ 8.9.3 contains a format string injection vulnerability in the Find Results panel handler that allows attackers to cause denial of service and information disclosure by crafting a malicious nativeLang.xml language pack file. Attackers can distribute a poisoned language pack through...
CVE-2026-6539 Notepad++ 8.9.3 Format String Injection via nativeLang.xml
Notepad++ 8.9.3 contains a format string injection vulnerability in the Find Results panel handler that allows attackers to cause denial of service and information disclosure by crafting a malicious nativeLang.xml language pack file. Attackers can distribute a poisoned language pack through...
CVE-2026-6539
Notepad++ 8.9.3 is affected by a vulnerability described as a format string injection in the Find Results panel handler, triggered by a malicious nativeLang.xml language pack. The issue can be introduced by poisoned language packs distributed via community channels and triggers format string inte...
CVE-2026-6539
Notepad++ 8.9.3 contains a format string injection vulnerability in the Find Results panel handler that allows attackers to cause denial of service and information disclosure by crafting a malicious nativeLang.xml language pack file. Attackers can distribute a poisoned language pack through...
PT-2026-36185
Name of the Vulnerable Software and Affected Versions Notepad++ version 8.9.3 Description A format string injection exists in the Find Results panel handler. This occurs when the application processes a maliciously crafted nativeLang.xml language pack file. An attacker can distribute a poisoned...
Notepad++ 格式化字符串错误漏洞
Notepad++ is an open-source plain-text editor developed by Don Ho of Taiwan, China. Version 8.9.3 of Notepad++ has a vulnerability related to format strings. This vulnerability stems from format string injection in the Find Results panel’s processing logic, which may lead to denial-of-service...
Exploit for CVE-2026-3008
CVE-2026-3008 — Notepad++ 8.9.3 Format String Injection via na...
Fedora 44 : rubygem-json (2026-3a7663d43d)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3a7663d43d advisory. New version 2.19.2 is released. This fixes a format string injection vulnerability in JSON.parse, which is now assigned as CVE-2026-33210 Tenable has extract...
Fedora: Security Advisory (FEDORA-2026-8c07fcde49)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 43 : rubygem-json (2026-8c07fcde49)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-8c07fcde49 advisory. This new updates backports a fix for a format string injection vulnerability in JSON.parse, which is now assigned as CVE-2026-33210 Tenable has extracted the...
CVE-2026-33210
A flaw was found in Ruby JSON. This vulnerability, a format string injection, allows a remote attacker to cause a denial of service DoS or disclose sensitive information. The flaw occurs when processing specially crafted user-supplied documents with the allowduplicatekey: false parsing option...
Format String Injection
Ruby JSON is vulnerable to Format String Injection. The vulnerability is due to a format string injection vulnerability, where the allowduplicatekey: false parsing option is used to parse user supplied documents and can lead to denial of service attacks or information disclosure...
CVE-2026-33210
Ruby JSON is a JSON implementation for Ruby. From version 2.14.0 to before versions 2.15.2.1, 2.17.1.2, and 2.19.2, a format string injection vulnerability can lead to denial of service attacks or information disclosure, when the allowduplicatekey: false parsing option is used to parse user...
UBUNTU-CVE-2026-33210
Ruby JSON is a JSON implementation for Ruby. From version 2.14.0 to before versions 2.15.2.1, 2.17.1.2, and 2.19.2, a format string injection vulnerability can lead to denial of service attacks or information disclosure, when the allowduplicatekey: false parsing option is used to parse user...
CVE-2026-33210
Ruby JSON is a JSON implementation for Ruby. From version 2.14.0 to before versions 2.15.2.1, 2.17.1.2, and 2.19.2, a format string injection vulnerability can lead to denial of service attacks or information disclosure, when the allowduplicatekey: false parsing option is used to parse user...
CVE-2026-33210
Ruby JSON is a JSON implementation for Ruby. From version 2.14.0 to before versions 2.15.2.1, 2.17.1.2, and 2.19.2, a format string injection vulnerability can lead to denial of service attacks or information disclosure, when the allowduplicatekey: false parsing option is used to parse user...