Lucene search
K

14 matches found

OSV
OSV
added 2026/03/19 8:23 a.m.3 views

SUSE-SU-2026:0931-1 Security update for jq

This update for jq fixes the following issue: - CVE-2025-9403: test suite assertion failure in JSON parsing consistency validation bsc1248600...

5.5CVSS5.8AI score0.00194EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2019-5222

Malware in sbrugna...

6.5CVSS6.7AI score0.03754EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-19230

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.00307EPSS
Exploits0References1
OSV
OSV
added 2025/09/15 2:30 p.m.3 views

USN-7750-1 libjson-xs-perl vulnerability

It was discovered that JSON-XS incorrectly handled parsing certain JSON data. An attacker could possibly use this issue to cause JSON-XS to crash, resulting in a denial of service...

7.5CVSS5.8AI score0.00603EPSS
Exploits0References2
OSV
OSV
added 2025/07/22 3:54 p.m.5 views

USN-7657-2 jq vulnerabilities

USN-7657-1 fixed CVE-2024-23337 and CVE-2025-48060 in jq. This update provides the corresponding fixes for Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS. Original advisory details: It was discovered that jq incorrectly handled certain values when parsing JSON data. A remote attacker...

8.7CVSS6.9AI score0.00443EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/07/10 12:0 a.m.9 views

Amazon Linux 2023 : jackson-core (ALAS2023-2025-1063)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1063 advisory. Jackson-core contains core low-level incremental streaming parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior to version 2.13.0, a flaw in...

4CVSS7.6AI score0.00314EPSS
Exploits0References4
NVD
NVD
added 2025/06/26 2:15 p.m.4 views

CVE-2025-6710

MongoDB Server may be susceptible to stack overflow due to JSON parsing mechanism, where specifically crafted JSON inputs may induce unwarranted levels of recursion, resulting in excessive stack space consumption. Such inputs can lead to a stack overflow that causes the server to crash which coul...

7.5CVSS0.00307EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/26 2:9 p.m.5 views

CVE-2025-6710 Pre-authentication Denial of Service Stack Overflow Vulnerability in JSON Parsing via Excessive Recursion in MongoDB

MongoDB Server may be susceptible to stack overflow due to JSON parsing mechanism, where specifically crafted JSON inputs may induce unwarranted levels of recursion, resulting in excessive stack space consumption. Such inputs can lead to a stack overflow that causes the server to crash which coul...

7.5CVSS7.4AI score0.00307EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/26 12:0 a.m.2 views

PT-2025-26974

Name of the Vulnerable Software and Affected Versions: MongoDB Server versions prior to 6.0.21 MongoDB Server versions prior to 7.0.17 MongoDB Server versions prior to 8.0.5 Description: The issue is related to the JSON parsing mechanism in MongoDB Server, where specifically crafted JSON inputs c...

8.8CVSS8.2AI score0.00466EPSS
Exploits0References27
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.5 views

PT-2025-22802

Name of the Vulnerable Software and Affected Versions cJSON versions prior to 1.7.18 Description The issue is related to a heap-based buffer over-read in the parse string function of the cJSON library. This occurs when cJSON ParseWithLength is called with a JSON string that has no trailing newlin...

5.5CVSS5.9AI score0.00219EPSS
Exploits1References23
Citrix
Citrix
added 2025/03/06 12:0 a.m.12 views

uberAgent - Splunk dashboard does not display information about applications and desktops from DaaS

Splunk dashboard CVAD/DaaS Applications & Desktops does not display any information about published applications and desktops for DAAS. uberAgent.log file located in C:\Windows\Temp on the machine used for Citrix Cloud monitoring shows the errors: 2025-03-05 12:11:08.145...

6.7AI score
Exploits0
Github Security Blog
Github Security Blog
added 2025/02/20 12:31 p.m.30 views

DocsGPT Allows Remote Code Execution

A vulnerability, that could result in Remote Code Execution RCE, has been found in DocsGPT. Due to improper parsing of JSON data using eval an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint. This issue affects DocsGPT: from 0.8.1 through 0.12.0...

9.3CVSS7.3AI score0.15099EPSS
Exploits3References5Affected Software1
Amazon
Amazon
added 2024/08/15 12:0 a.m.14 views

Medium: nerdctl

Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...

7.5CVSS7.2AI score0.91969EPSS
Exploits1
EUVD
EUVD
added 2015/10/26 2:0 p.m.4 views

EUVD-2015-5266

Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service server crash via unspecified vectors, which are not properly handled in 1 json or 2 jsonb values...

6.4CVSS7.6AI score0.05045EPSS
Exploits0References23
Rows per page
Query Builder