Lucene search
K

29 matches found

OSV
OSV
added 2026/05/22 1:21 p.m.7 views

OESA-2026-2426 jq security update

jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

7.3CVSS6AI score0.00161EPSS
Exploits7References8
OSV
OSV
added 2026/05/22 1:21 p.m.7 views

OESA-2026-2425 jq security update

jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

7.3CVSS6AI score0.00161EPSS
Exploits7References8
EUVD
EUVD
added 2026/03/19 6:31 p.m.5 views

EUVD-2026-13150

Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storing the CRL number as a hexadecimal string, and a stack-based overflow for sufficiently sized CRL numbers. With appropriately crafted CRLs,...

9.2CVSS6.2AI score0.00471EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2026/03/19 5:45 p.m.5 views

CVE-2026-3548

Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storing the CRL number as a hexadecimal string, and a stack-based overflow for sufficiently sized CRL numbers. With appropriately crafted CRLs,...

9.8CVSS5.8AI score0.00471EPSS
Exploits1
OSV
OSV
added 2026/03/11 8:21 a.m.5 views

OPENSUSE-SU-2026:20340-1 Security update for cJSON

This update for cJSON fixes the following issues: - Update to version 1.7.19 Check for NULL in cJSONDetachItemViaPointer. Check overlap before calling strcpy in cJSONSetValuestring. Fix Max recursion depth for cJSONDuplicate to prevent stack exhaustion. Allocate memory for the temporary buffer wh...

9.8CVSS6AI score0.00693EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2026/01/27 12:0 a.m.109 views

Ubuntu: Security Advisory (USN-7973-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS5.9AI score0.00693EPSS
Exploits3References2
Ubuntu
Ubuntu
added 2026/01/23 4:53 a.m.8 views

USN-7973-1: cJSON vulnerabilities

It was discovered that cJSON incorrectly handled parsing large numbers. An attacker could possibly use this issue to cause a denial of service. CVE-2023-26819 It was discovered that cJSON may perform out-of-bounds read when processing specially crafted JSON files using parseobject. An attacker...

9.8CVSS5.7AI score0.00693EPSS
Exploits3
OSV
OSV
added 2026/01/23 4:53 a.m.4 views

USN-7973-1 cjson vulnerabilities

It was discovered that cJSON incorrectly handled parsing large numbers. An attacker could possibly use this issue to cause a denial of service. CVE-2023-26819 It was discovered that cJSON may perform out-of-bounds read when processing specially crafted JSON files using parseobject. An attacker...

9.8CVSS5.8AI score0.00693EPSS
Exploits3References4
OSV
OSV
added 2025/12/12 1:25 p.m.6 views

CLSA-2025-1765545936 haproxy: Fix of CVE-2025-11230

CVE-2025-11230: fix possible DoS in mjson library when parsing numbers...

7.5CVSS7.1AI score0.00469EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2025/10/10 7:22 a.m.8 views

Security update for cJSON

This update for cJSON fixes the following issues: CVE-2023-26819: Allocate memory for the temporary buffer when paring numbers bsc1241502 CVE-2025-57052: Fix the incorrect check in decodearrayindexfrompointer bsc1249112 Patch Instructions: To install this SUSE update use the SUSE recommended...

8.2CVSS7.2AI score0.00693EPSS
Exploits2References8
OSV
OSV
added 2025/10/10 7:22 a.m.0 views

SUSE-SU-2025:03520-1 Security update for cJSON

This update for cJSON fixes the following issues: - CVE-2023-26819: Allocate memory for the temporary buffer when paring numbers bsc1241502 - CVE-2025-57052: Fix the incorrect check in decodearrayindexfrompointer bsc1249112...

9.8CVSS7.2AI score0.00693EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.1 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.04 : HAProxy vulnerability (USN-7805-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by a vulnerability as referenced in the USN-7805-1 advisory. Oula Kivalo discovered that HAProxy incorrectly handled parsing certain json numbers. A remote attacker could possibly use this issue to cause...

7.5CVSS7.2AI score0.00469EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.13 views

EUVD-2024-23311

Malicious code in bioql PyPI...

4.7CVSS6.5AI score0.00467EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-1039

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.01089EPSS
Exploits0References5
Debian
Debian
added 2025/10/03 12:30 p.m.8 views

[SECURITY] [DSA 6017-1] haproxy security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6017-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 03, 2025 https://www.debian.org/security/faq -...

7.5CVSS6.8AI score0.00469EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/10/02 12:0 a.m.2 views

PT-2025-40954

Name of the Vulnerable Software and Affected Versions HAProxy versions prior to 2.6.12-1+deb12u3 HAProxy versions prior to 3.0.11-1+deb13u1 HAProxy version 3.0.8-1ubuntu1.2 Description HAProxy is susceptible to a denial of service condition when parsing specific JSON numbers. An attacker could...

7.5CVSS6.4AI score0.00469EPSS
Exploits0References46
Tenable Nessus
Tenable Nessus
added 2024/07/10 12:0 a.m.32 views

Fortinet Fortigate - IP address validation mishandles zero characters (FG-IR-23-446)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-446 advisory. - An incorrect parsing of numbers with different radices vulnerability CWE-1389 in FortiProxy version 7.4.3 and below, versio...

4.7CVSS5.7AI score0.00467EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/07/09 3:33 p.m.43 views

CVE-2024-26015

An incorrect parsing of numbers with different radices vulnerability CWE-1389 in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.15 and below IP address validation feature may permit a...

3.4CVSS4.1AI score0.00467EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/03/06 3:38 p.m.5 views

parsson: Denial of Service due to large number parsing

A flaw was found in Eclipse Parsson library when processing untrusted source content. This issue may cause a Denial of Service DoS due to built-in support for parsing numbers with a large scale, and some cases where processing a large number may take much more time than expected...

7.5CVSS7.1AI score0.00764EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/03/06 3:32 p.m.6 views

parsson: Denial of Service due to large number parsing

A flaw was found in Eclipse Parsson library when processing untrusted source content. This issue may cause a Denial of Service DoS due to built-in support for parsing numbers with a large scale, and some cases where processing a large number may take much more time than expected...

7.5CVSS7.1AI score0.00764EPSS
Exploits1References4
Rows per page
Query Builder