Lucene search

43 matches found

AstraLinux
added 2026/05/20 5:53 a.m. · 6 views

Astra Linux - vulnerability in libfastjson

JSON-C version 0.14 has an integer overflow issue, and there is a risk of out-of-bounds write operations through a large JSON file, as demonstrated by the printbuf_memappend function...

CVSS 7.8 · AI score 6.9 · EPSS 0.0028
Exploits 1 · References 2

OSV
added 2026/03/20 12:0 a.m. · 2 views

UBUNTU-CVE-2026-33064

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions prior to 1.4.2 are vulnerable to procedure panic caused by Nil Pointer Dereference in the /sdm-subscriptions endpoint. A remote attacker can cause the UDM service to panic and crash by sending ...

CVSS 8.7 · AI score 5.8 · EPSS 0.00313
Exploits 1 · References 6

UbuntuCve
added 2026/03/20 12:0 a.m. · 1 views

CVE-2026-33064

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions prior to 1.4.2 are vulnerable to procedure panic caused by Nil Pointer Dereference in the /sdm-subscriptions endpoint. A remote attacker can cause the UDM service to panic and crash by sending ...

CVSS 8.7 · AI score 5.8 · EPSS 0.00313
Exploits 1 · References 5

ATTACKERKB
added 2026/01/28 6:51 p.m. · 1 views

CVE-2025-68659

Discourse is an open source discussion platform. Versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0 have an application level denial of service vulnerability in the username change functionality at try.discourse.org. The vulnerability allows attackers to cause noticeable server delays and...

CVSS 4.3 · AI score 5.9 · EPSS 0.00169
Exploits 0 · References 2 · Affected Software 1

Tenable Nessus
added 2025/10/29 12:0 a.m. · 4 views

Siemens SIMATIC and Ruggedcom ROX Devices Integer Overflow or Wraparound (CVE-2020-12762)

json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

CVSS 7.8 · AI score 6.6 · EPSS 0.0028
Exploits 1 · References 9

EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2025-31327

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 9 · EPSS 0.00096
Exploits 0 · References 2

OSV
added 2025/10/01 3:10 p.m. · 5 views

BIT-GITLAB-2025-10858 Allocation of Resources Without Limits or Throttling in GitLab

An issue was discovered in GitLab CE/EE affecting all versions before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1 that allows unauthenticated users to cause a Denial of Service (DoS) condition while uploading specifically crafted large JSON files...

CVSS 7.5 · AI score 7 · EPSS 0.00096
Exploits 0 · References 2

NVD
added 2025/09/26 9:15 a.m. · 1 views

CVE-2025-10858

An issue was discovered in GitLab CE/EE affecting all versions before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1 that allows unauthenticated users to cause a Denial of Service (DoS) condition while uploading specifically crafted large JSON files...

CVSS 7.5 · EPSS 0.00096
Exploits 0 · References 1

Vulnrichment
added 2025/09/26 9:4 a.m. · 2 views

CVE-2025-10858 Allocation of Resources Without Limits or Throttling in GitLab

An issue was discovered in GitLab CE/EE affecting all versions before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1 that allows unauthenticated users to cause a Denial of Service (DoS) condition while uploading specifically crafted large JSON files...

CVSS 7.5 · AI score 6.5 · EPSS 0.00096
Exploits 0 · References 1

Cvelist
added 2025/09/26 9:4 a.m. · 5 views

CVE-2025-10858 Allocation of Resources Without Limits or Throttling in GitLab

An issue was discovered in GitLab CE/EE affecting all versions before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1 that allows unauthenticated users to cause a Denial of Service (DoS) condition while uploading specifically crafted large JSON files...

CVSS 7.5 · EPSS 0.00096
Exploits 0 · References 1

Debian CVE
added 2025/09/26 9:4 a.m. · 4 views

CVE-2025-10858

Removed by vendor...

CVSS 7.5 · AI score 7.5 · EPSS 0.00096
Exploits 0

CVE
added 2025/09/26 9:4 a.m. · 14 views

CVE-2025-10858

GitLab CE/EE vulnerable to unauthenticated DoS when uploading specially crafted large JSON files. Affected branches: all versions before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1. Impact is Denial of Service (availability impact). CVSS 3.1 base score 7.5 (HIGH) with network attack vector...

CVSS 7.5 · AI score 6.5 · EPSS 0.00096
Exploits 0 · References 1 · Affected Software 1

Positive Technologies
added 2025/09/26 12:0 a.m. · 4 views

PT-2025-39622

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 18.2.7; GitLab CE/EE versions 18.3 through 18.3.2; GitLab CE/EE versions 18.4 through 18.4.0. Description: An issue exists that allows unauthenticated users to cause a Denial of Service (DoS) condition by uploading...

CVSS 7.5 · AI score 6.7 · EPSS 0.00096
Exploits 0 · References 10

NVD
added 2025/09/15 7:15 p.m. · 1 views

CVE-2025-59398

The OCPP implementation in libocpp before 0.26.2 allows a denial of service (EVerest crash) via JSON input larger than 255 characters, because a CiString object is created with StringTooLarge set to Throw...

CVSS 3.1 · EPSS 0.00029
Exploits 0 · References 5

Positive Technologies
added 2025/09/15 12:0 a.m. · 2 views

PT-2025-37737

Name of the Vulnerable Software and Affected Versions: libocpp versions prior to 0.26.2. Description: The OCPP implementation in libocpp is susceptible to a denial of service (EVerest crash) when processing JSON input exceeding 255 characters. This occurs because a CiString object is created with...

CVSS 3.1 · AI score 6.5 · EPSS 0.00029
Exploits 0 · References 9

Veracode
added 2025/01/23 5:13 a.m. · 4 views

Excessive Memory Consumption

github.com/t2bot/matrix-media-repo is vulnerable to Excessive Memory Consumption. The vulnerability is due to inadequate handling of large JSON responses, allowing an attacker to exhaust system memory and potentially crash the application...

CVSS 7.5 · AI score 6.6 · EPSS 0.00103
Exploits 0 · References 5 · Affected Software 1

Positive Technologies
added 2025/01/16 12:0 a.m. · 4 views

PT-2025-2935 · Unknown +1 · Matrix Media Repo +1

Name of the Vulnerable Software and Affected Versions: Matrix Media Repo (MMR) versions prior to 1.3.8. Description: The issue arises when Matrix Media Repo (MMR) makes requests to other servers as part of its normal operation, and these servers return large amounts of JSON for parsing. During parsing...

CVSS 8.9 · AI score 6.5 · EPSS 0.02218
Exploits 2 · References 90

RedHat Linux
added 2024/03/05 6:4 p.m. · 1 views

libfastjson: integer overflow and out-of-bounds write via a large JSON file

A flaw was found in json-c. In printbuf_memappend, certain crafted values can overflow the memory allowing an attacker to write past the memory boundary. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVSS 7.8 · AI score 6.8 · EPSS 0.0028
Exploits 1 · References 4

RedHat Linux
added 2024/03/05 8:23 a.m. · 1 views

libfastjson: integer overflow and out-of-bounds write via a large JSON file

A flaw was found in json-c. In printbuf_memappend, certain crafted values can overflow the memory allowing an attacker to write past the memory boundary. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVSS 7.8 · AI score 6.8 · EPSS 0.0028
Exploits 1 · References 4

RedHat Linux
added 2024/01/30 1:28 p.m. · 4 views

libfastjson: integer overflow and out-of-bounds write via a large JSON file

A flaw was found in json-c. In printbuf_memappend, certain crafted values can overflow the memory allowing an attacker to write past the memory boundary. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVSS 7.8 · AI score 6.4 · EPSS 0.0028
Exploits 1 · References 4