AlmaLinux 9 : ruby:4.0 (ALSA-2026:20596)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:20596 advisory. ruby/json: Ruby JSON: Denial of Service or Information Disclosure via format string injection CVE-2026-33210 erb: ERB: Arbitrary code execution via...

CVE-2019-20493

cPanel before 82.0.18 allows self-XSS because JSON string escaping is mishandled SEC-520...

CVE-2023-4883

Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an attacker to interrupt the correct operation of the service by sending a specially crafted json string to the VNF Virtual Network Function, and triggering the ogssbimessagefree function, which could cause a...

EUVD-2019-11037

Malware in sbrugna...

EUVD-2012-3504

Malware in sbrugna...

EUVD-2015-7316

Malware in sbrugna...

EUVD-2025-19423

Malicious code in bioql PyPI...

EUVD-2023-54722

Malicious code in bioql PyPI...

EUVD-2022-6438

Malicious code in bioql PyPI...

CVE-2025-6522

Unauthenticated users on an adjacent network with the Sight Bulb Pro can run shell commands as root through a vulnerable proprietary TCP protocol available on Port 16668. This vulnerability allows an attacker to run arbitrary commands on the Sight Bulb Pro by passing a well formed JSON string...

Out-of-bounds Read

Overview json is a JSON implementation as a Ruby extension in C. Affected versions of this package are vulnerable to Out-of-bounds Read in the jsonstringunescape function in parser.c. An attacker can cause a crash by supplying a JSON object containing malicious unicode escape sequences, like...

CVE-2023-4883

Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an attacker to interrupt the correct operation of the service by sending a specially crafted json string to the VNF Virtual Network Function, and triggering the ogssbimessagefree function, which could cause a...

Design/Logic Flaw

Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an attacker to interrupt the correct operation of the service by sending a specially crafted json string to the VNF Virtual Network Function, and triggering the ogssbimessagefree function, which could cause a...

CVE-2023-4883 Multiple vulnerabilities in Open5GS

Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an attacker to interrupt the correct operation of the service by sending a specially crafted json string to the VNF Virtual Network Function, and triggering the ogssbimessagefree function, which could cause a...

CVE-2023-4883 Multiple vulnerabilities in Open5GS

Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an attacker to interrupt the correct operation of the service by sending a specially crafted json string to the VNF Virtual Network Function, and triggering the ogssbimessagefree function, which could cause a...

CVE-2023-39685

An issue in hjson-java up to v3.0.0 allows attackers to cause a Denial of Service DoS via supplying a crafted JSON string...

CVE-2023-39685

An issue in hjson-java up to v3.0.0 allows attackers to cause a Denial of Service DoS via supplying a crafted JSON string...

Design/Logic Flaw

An issue in hjson-java up to v3.0.0 allows attackers to cause a Denial of Service DoS via supplying a crafted JSON string...

CVE-2023-39685

An issue in hjson-java up to v3.0.0 allows attackers to cause a Denial of Service DoS via supplying a crafted JSON string...

Denial Of Services (DoS)

flexjson is vulnerable to Denial Of Services DoS. The vulnerability exists due to a lack of nesting depth checks in the library, allowing an attacker to cause an application crash by passing a maliciously crafted JSON string...