12 matches found
EUVD-2023-2459
Malicious code in bioql PyPI...
EUVD-2022-7491
Malicious code in bioql PyPI...
CVE-2023-42277
hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonObject.putByPath...
CVE-2022-41678
Once a user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In detail, in ActiveMQ configurations, jetty allows org.jolokia.http.AgentServlet to handle requests to /api/jolokia. org.jolokia.http.HttpRequestHandler#handlePostRequest is able to create JmxRequest...
hutool Buffer Overflow vulnerability
hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonObject.putByPath...
Hutool Security Vulnerabilities
Hutool is a small but complete Java tool library from the Chinese Dromara community. A security vulnerability exists in Hutool version v5.8.21, which stems from a buffer overflow vulnerability in the component jsonObject.putByPath...
jettison: If a value in the map is the map itself, new JSONObject(map) causes a StackOverflowError, which may lead to DoS
A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service...
jiraclient (>=2.1.11 <=2.1.13), jsonobject-couchdbkit (>=0.9.2 <=0.9.7) +2 more potentially affected by CVE-2015-2674 via restkit (=4.2.2)
restkit PyPI version =4.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on restkit and may be impacted: - jiraclient =2.1.11, =0.9.2, =0.4.0, =0.5.3 - pyrunscope =0.9.0a1 Source CVEs: CVE-2015-2674 Source advisory: OSV:GHSA-P9CV-HRXR-FXX8...
Apple Safari Technology Preview WebKit Input Validation Vulnerability
Apple Safari Technology Preview is a browser from Apple. WebKit is an open source web browser engine developed by the KDE community and currently used by Apple Safari and Google Chrome. A security vulnerability exists in the runtime/JSONObject.cpp file of WebKit's JavaScriptCore in Apple Safari...
jiraclient (>=2.1.11 <=2.1.13), jsonobject-couchdbkit (>=0.9.2 <=0.9.7) +2 more potentially affected by CVE-2015-2674 via restkit (=4.2.2)
restkit PyPI version =4.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on restkit and may be impacted: - jiraclient =2.1.11, =0.9.2, =0.4.0, =0.5.3 - pyrunscope =0.9.0a1 Source CVEs: CVE-2015-2674 Source advisory: OSV:PYSEC-2017-69...
Type confusion
runtime/JSONObject.cpp in JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (segmentation violation and application crash) via crafted JavaScript code that triggers a "type confusion" in the JSON.stringify function...