Lucene search
K

466 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/23 6:53 p.m.6 views

CVE-2026-26209

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...

7.5CVSS5.8AI score0.00417EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.9 views

PT-2026-27176

Name of the Vulnerable Software and Affected Versions cbor2 versions prior to 5.9.0 Description The cbor2 library is susceptible to a Denial of Service DoS attack due to uncontrolled recursion when decoding deeply nested CBOR structures. This affects both the pure Python implementation and the C...

7.5CVSS7.2AI score0.00417EPSS
Exploits1References24
SUSE CVE
SUSE CVE
added 2026/03/20 10:29 a.m.4 views

SUSE CVE-2006-10003

XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in stserialstack. In the case stackptr == stacksize - 1, the stack will NOT be expanded. Then the new value will be written at location ++stackptr, which equals stacksize and therefore falls just outside the allocat...

7.5CVSS6AI score0.00548EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/03/19 11:10 p.m.4 views

CVE-2006-10003

A flaw was found in XML::Parser, a Perl module for parsing XML. This vulnerability, an off-by-one heap buffer overflow, occurs when processing an XML file with very deep element nesting. A remote attacker could exploit this by providing a specially crafted XML file, potentially leading to memory...

9.8CVSS5.8AI score0.00548EPSS
Exploits0References6
EUVD
EUVD
added 2026/03/19 12:30 p.m.8 views

EUVD-2006-7234

XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in stserialstack. In the case stackptr == stacksize - 1, the stack will NOT be expanded. Then the new value will be written at location ++stackptr, which equals stacksize and therefore falls just outside the allocat...

9.8CVSS6AI score0.00548EPSS
Exploits0References4
NVD
NVD
added 2026/03/19 12:16 p.m.5 views

CVE-2006-10003

XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in stserialstack. In the case stackptr == stacksize - 1, the stack will NOT be expanded. Then the new value will be written at location ++stackptr, which equals stacksize and therefore falls just outside the allocat...

9.8CVSS0.00548EPSS
Exploits0References21
OSV
OSV
added 2026/03/19 12:16 p.m.6 views

UBUNTU-CVE-2006-10003

XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in stserialstack. In the case stackptr == stacksize - 1, the stack will NOT be expanded. Then the new value will be written at location ++stackptr, which equals stacksize and therefore falls just outside the allocat...

9.8CVSS6AI score0.00548EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/19 11:8 a.m.3 views

CVE-2006-10003 XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack

XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in stserialstack. In the case stackptr == stacksize - 1, the stack will NOT be expanded. Then the new value will be written at location ++stackptr, which equals stacksize and therefore falls just outside the allocat...

6AI score0.00548EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/19 11:8 a.m.28 views

CVE-2006-10003 XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack

XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in stserialstack. In the case stackptr == stacksize - 1, the stack will NOT be expanded. Then the new value will be written at location ++stackptr, which equals stacksize and therefore falls just outside the allocat...

0.00548EPSS
Exploits0References3
CVE
CVE
added 2026/03/19 11:8 a.m.17 views

CVE-2006-10003

XML::Parser (Perl) up to version 2.47 contains an off-by-one heap buffer overflow in st_serial_stack, enabling memory corruption and crashes on deeply nested XML. A patched version is available (varies by distro) — Debian fixes 2.46-2+deb11u1 and 2.47-2~deb13u1; RedHat/Debian/Linux advisories als...

9.8CVSS6AI score0.00548EPSS
Exploits0References21Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/19 11:8 a.m.10 views

CVE-2006-10003

XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in stserialstack. In the case stackptr == stacksize - 1, the stack will NOT be expanded. Then the new value will be written at location ++stackptr, which equals stacksize and therefore falls just outside the allocat...

9.8CVSS6AI score0.00548EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/03/19 11:8 a.m.4 views

CVE-2006-10003

XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in stserialstack. In the case stackptr == stacksize - 1, the stack will NOT be expanded. Then the new value will be written at location ++stackptr, which equals stacksize and therefore falls just outside the allocat...

9.8CVSS5.6AI score0.00548EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/19 12:0 a.m.6 views

XML::Parser 安全漏洞

XML::Parser is an open-source XML document parsing module written in Perl by CPAN authors. Versions of XML::Parser 2.47 and earlier contained security vulnerabilities. These vulnerabilities were caused by a buffer overflow in stserialstack, which could lead to writing beyond the allocated buffer...

9.8CVSS6.1AI score0.00548EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/19 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2006-10003

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in stserialstack. In the case stackptr == stacksize - 1, the stack will NOT be...

9.8CVSS6AI score0.00548EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/18 9:50 p.m.3 views

CVE-2026-32944 Parse Server crash via deeply nested query condition operators

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.21 and 8.6.45, an unauthenticated attacker can crash the Parse Server process by sending a single request with deeply nested query condition operators. This terminates the...

8.7CVSS5.7AI score0.00483EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/18 8:17 p.m.7 views

Natural Language Toolkit (NLTK) has unbounded recursion in JSONTaggedDecoder.decode_obj() may cause DoS

Summary JSONTaggedDecoder.decodeobj in nltk/jsontags.py calls itself recursively without any depth limit. A deeply nested JSON structure exceeding sys.getrecursionlimit default: 1000 will raise an unhandled RecursionError, crashing the Python process. Affected code File: nltk/jsontags.py, lines...

5.9AI score
Exploits0References2Affected Software1
OSV
OSV
added 2026/03/18 8:17 p.m.9 views

GHSA-RF74-V2FM-23PW Natural Language Toolkit (NLTK) has unbounded recursion in JSONTaggedDecoder.decode_obj() may cause DoS

Summary JSONTaggedDecoder.decodeobj in nltk/jsontags.py calls itself recursively without any depth limit. A deeply nested JSON structure exceeding sys.getrecursionlimit default: 1000 will raise an unhandled RecursionError, crashing the Python process. Affected code File: nltk/jsontags.py, lines...

5.1CVSS5.9AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/18 1:1 p.m.6 views

UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop

Summary ujson.dumps crashes the Python interpreter segmentation fault when the product of the indent parameter and the nested depth of the input exceeds INT32MAX. It can also get stuck in an infinite loop if the indent is a large negative number. Both are caused by an integer overflow/underflow...

7.5CVSS6AI score0.00469EPSS
Exploits1References5Affected Software1
Snyk
Snyk
added 2026/03/17 4:17 p.m.4 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion when decoding ASN.1 data. An attacker can cause the application to crash or exhaust system memory by supplying specially crafted ASN.1 data with deeply nested SEQUENCE or SET tags using indefinite Length markers...

8.7CVSS7.2AI score0.0058EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/17 2:7 p.m.7 views

Uncontrolled Recursion

Overview justhtml is an A pure Python HTML5 parser that just works. Affected versions of this package are vulnerable to Uncontrolled Recursion in the construction, when parsing deeply nested HTML structures. An attacker can cause the application to terminate unexpectedly or fail requests by...

7.1CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder