138 matches found
SUSE SLES15 Security Update : protobuf (SUSE-SU-2026:0517-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0517-1 advisory. - CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python jsonformat.ParseDict bsc1257173. Tenable has extracted the...
Security update for protobuf
This update for protobuf fixes the following issues: CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python jsonformat.ParseDict bsc1257173. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2026:0563-1 Security update for protobuf
This update for protobuf fixes the following issues: - CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python jsonformat.ParseDict bsc1257173...
SUSE-SU-2026:20352-1 Security update for protobuf
This update for protobuf fixes the following issues: - CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python jsonformat.ParseDict bsc1257173...
protobuf affected by a JSON recursion depth bypass
A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit can be bypassed when parsing nested google.protobuf.Any messages. Due to missing recursion depth accounting inside the internal Any-handling logic, an attacker can...
CVE-2026-0994
A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit can be bypassed when parsing nested google.protobuf.Any messages. Due to missing recursion depth accounting inside the internal Any-handling logic, an attacker can...
[SECURITY] Fedora 43 Update: rpki-client-9.7-1.fc43
The OpenBSD rpki-client is a free, easy-to-use implementation of the Resource Public Key Infrastructure RPKI for Relying Parties RP to facilitate validation of the Route Origin of a BGP announcement. The program queries the RPKI repository system, downloads and validates Route Origin Authorisatio...
[SECURITY] Fedora 43 Update: gi-loadouts-0.1.10-2.fc43
This is a desktop application that allows travelers to manage their custom equipment of artifacts and weapons for playable characters and makes it convenient for travelers to calculate the associated statistics based on their equipment using the semantic understanding of how the gameplay works...
EUVD-2015-9111
Malware in sbrugna...
EUVD-2018-8474
Malware in sbrugna...
EUVD-2021-24224
Malware in sbrugna...
EUVD-2016-10265
Malware in sbrugna...
EUVD-2022-5987
Malicious code in bioql PyPI...
EUVD-2023-34620
Malicious code in bioql PyPI...
EUVD-2023-50863
Malicious code in bioql PyPI...
vuls
This is an open-source vulnerability scanner for Linux and FreeBSD, written in Go. It is an agentless scanner, meaning it does not require any additional software to be installed on the target systems. The scanner is designed to be easy to use and provides a simple command-line interface. The...
[SECURITY] Fedora 42 Update: qt6-qtlottie-6.9.1-1.fc42
Qt Lottie Animation provides a QML API for rendering graphics and animations that are exported in JSON format by the Bodymovin plugin for Adobe After Effects...
CVE-2021-37743
app/View/GalaxyElements/ajax/index.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster elements in JSON format...
CVE-2021-34083
Google-it is a Node.js package which allows its users to send search queries to Google and receive the results in a JSON format. When using the 'Open in browser' option in versions up to 1.6.2, google-it will unsafely concat the result's link retrieved from google to a shell command, potentially...
CVE-2020-8497
In Artica Pandora FMS through 7.42, an unauthenticated attacker can read the chat history. The file is in JSON format and it contains user names, user IDs, private messages, and timestamps...