protobuf: StackOverflow vulnerability in Protocol Buffers

A flaw was found in Protocol Buffers protobuf. This issue can allows an attacker to cause a StackOverflow via parsing untrusted Protocol Buffers data containing arbitrarily nested SGROUP tags, leading to unbounded recursion...

protobuf: StackOverflow vulnerability in Protocol Buffers

A flaw was found in Protocol Buffers protobuf. This issue can allows an attacker to cause a StackOverflow via parsing untrusted Protocol Buffers data containing arbitrarily nested SGROUP tags, leading to unbounded recursion...

EUVD-2024-49052

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2019-25001

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the serdecbor crate before 0.10.2 for Rust. The CBOR deserializer can cause stack consumption via nested semantic tags. CVE-2019-2500...

CVE-2024-8263

An improper privilege management vulnerability allowed arbitrary workflows to be committed using an improperly scoped PAT through the use of nested tags. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in version 3.10.17, 3.11.15, 3.12.9, 3.13.4, and 3.14.1. Thi...

CVE-2024-8263

An improper privilege management vulnerability allowed arbitrary workflows to be committed using an improperly scoped PAT through the use of nested tags. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in version 3.10.17, 3.11.15, 3.12.9, 3.13.4, and 3.14.1. Thi...

PT-2024-38898 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.10.17 GitHub Enterprise Server versions prior to 3.11.15 GitHub Enterprise Server versions prior to 3.12.9 GitHub Enterprise Server versions prior to 3.13.4 GitHub Enterprise Server versions prior ...

GitHub Enterprise Server 安全漏洞

GitHub Enterprise Server is an open source application from GitHub in the United States. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stem...

SUSE CVE-2010-1677

MHonArc 2.6.16 allows remote attackers to cause a denial of service CPU consumption via start tags that are placed within other start tags, as demonstrated by a dydydydy sequence, a different vulnerability than CVE-2010-4524...

SUSE CVE-2016-10040

Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service application crash via a xml file with multiple nested open tags...

GHSA-XR7R-88QV-Q7HM Out of bounds write in serde_cbor

Affected versions of this crate did not properly check if semantic tags were nested excessively during deserialization. This allows an attacker to craft small 1 kB CBOR documents that cause a stack overflow. The flaw was corrected by limiting the allowed number of nested tags...

RUSTSEC-2019-0025 Flaw in CBOR deserializer allows stack overflow

Affected versions of this crate did not properly check if semantic tags were nested excessively during deserialization. This allows an attacker to craft small 1 kB CBOR documents that cause a stack overflow. The flaw was corrected by limiting the allowed number of nested tags...

Flaw in CBOR deserializer allows stack overflow

Affected versions of this crate did not properly check if semantic tags were nested excessively during deserialization. This allows an attacker to craft small 1 kB CBOR documents that cause a stack overflow. The flaw was corrected by limiting the allowed number of nested tags...

Denial Of Service (DoS)

github.com/golang/net is vulnerable to a denial of service DoS attack. The library does not parse nested tags properly, causing a panic: runtime error exception which crashes the application...

UBUNTU-CVE-2018-17846

The html package aka x/net/html through 2018-09-25 in Go mishandles , leading to an infinite loop during an html.Parse call because inSelectIM and inSelectInTableIM do not comply with a specification...

GHSA-Q4QQ-FM7Q-CWP5 Multiple XSS Filter Bypasses in validator

Versions of validator prior to 1.1.0 are affected by several cross-site scripting vulnerabilities due to bypasses discovered in the blacklist-based filter. Proof of Concept Various inputs that could bypass the filter were discovered: Improper parsing of nested tags: This is a test Incomplete...

UBUNTU-CVE-2016-10040

Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service application crash via a xml file with multiple nested open tags...

DEBIAN-CVE-2016-10040

Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service application crash via a xml file with multiple nested open tags...

CVE-2016-10040

Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service application crash via a xml file with multiple nested open tags...

Microsoft XML Core Services Nested Tag Memory Corruption- Ver2 (CVE-2007-0099)

A memory corruption vulnerability has been reported in Xml Core Services. The vulnerability is due to the way that Microsoft XML Core Services handles nested tags. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...