OESA-2026-2427 jq security update

jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

OESA-2026-2426 jq security update

jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

OESA-2026-2425 jq security update

jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

CVE-2026-43894

A flaw was found in jq, a tool used for processing JSON data from the command line. A remote attacker can exploit a vulnerability by providing a specially crafted large number as input. This can cause an internal calculation error, leading to a memory overflow where the attacker can write their o...

RHCOS 4 : OpenShift Container Platform 4.7.9 (RHSA-2021:1366)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1366 advisory. - golang: data race in certain net/http servers including ReverseProxy can lead to DoS CVE-2020-15586 - golang: ReadUvarint and...

glib: Integer overflow in in g_escape_uri_string()

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the gescapeuristring function. If the string to escape contains a very large number of unacceptable characters which would need escaping, the calculation of the length of the escaped string...

Ubuntu: Security Advisory (USN-7973-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7973-1 cjson vulnerabilities

It was discovered that cJSON incorrectly handled parsing large numbers. An attacker could possibly use this issue to cause a denial of service. CVE-2023-26819 It was discovered that cJSON may perform out-of-bounds read when processing specially crafted JSON files using parseobject. An attacker...

USN-7973-1: cJSON vulnerabilities

It was discovered that cJSON incorrectly handled parsing large numbers. An attacker could possibly use this issue to cause a denial of service. CVE-2023-26819 It was discovered that cJSON may perform out-of-bounds read when processing specially crafted JSON files using parseobject. An attacker...

EUVD-2010-2509

Malware in sbrugna...

EUVD-2000-0020

Malware in sbrugna...

EUVD-2003-1197

Malware in sbrugna...

CVE-2024-9395

A specially crafted filename containing a large number of spaces could obscure the file's extension when displayed in the download dialog. This bug only affects Firefox for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox 131...

CVE-2024-9395

A specially crafted filename containing a large number of spaces could obscure the file's extension when displayed in the download dialog. This bug only affects Firefox for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox 131...

Ubuntu 18.04 LTS : Bind vulnerabilities (USN-6909-2)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6909-2 advisory. USN-6909-1 fixed several vulnerabilities in Bind. This update provides the corresponding update for Ubuntu 18.04 LTS. Tenable has extracted the preceding...

CVE-2024-38875

An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets...

parsson: Denial of Service due to large number parsing

A flaw was found in Eclipse Parsson library when processing untrusted source content. This issue may cause a Denial of Service DoS due to built-in support for parsing numbers with a large scale, and some cases where processing a large number may take much more time than expected...

BIT-GOLANG-2022-30632 Stack exhaustion on crafted paths in path/filepath

Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators...

CVE-2023-5680

If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and...

parsson: Denial of Service due to large number parsing

A flaw was found in Eclipse Parsson library when processing untrusted source content. This issue may cause a Denial of Service DoS due to built-in support for parsing numbers with a large scale, and some cases where processing a large number may take much more time than expected...