5 matches found
Malicious code in gulp-json-buffer-grus (npm)
Source: amazon-inspector 60f5c127955b6f819a7c29832a75f751a7060b856d48eeca69ce552869a8fd0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-143117 Malicious code in gulp-json-buffer-grus (npm)
Source: amazon-inspector 60f5c127955b6f819a7c29832a75f751a7060b856d48eeca69ce552869a8fd0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2018-17072
JSON++ through 2016-06-15 has a buffer over-read in yyparse in json.y...
Sophos Web Gateway 4.4.1 Cross Site Scripting
KL-001-2018-001 : Sophos Web Gateway Persistent Cross Site Scripting Vulnerability Title: Sophos Web Gateway Persistent Cross Site Scripting Vulnerability Advisory ID: KL-001-2018-001 Publication Date: 2018.01.26 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2018-001.txt ...
CVE-2015-4590
The extractFrom function in Internals/QuotedString.cpp in Arduino JSON before 4.5 allows remote attackers to cause a denial of service (crash) via a JSON string with a \ (backslash) followed by a terminator, as demonstrated by "\\0", which triggers a buffer overflow and over-read...