14 matches found
Uncontrolled Recursion
Overview Scriban is a Scriban is a fast, powerful, safe and lightweight scripting language and engine for .NET, which was primarily developed for text templating with a compatibility mode for parsing liquid templates. Today, not only Scriban can be used in text templating scenarios, but also can ...
qs's arrayLimit bypass in comma parsing allows denial of service
Summary The arrayLimit option in qs does not enforce limits for comma-separated values when comma: true is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in...
CVE-2026-2391
Summary The arrayLimit option in qs does not enforce limits for comma-separated values when comma: true is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in...
CVE-2021-33438
An issue was discovered in mjs mJS: Restricted JavaScript engine, ES6 JavaScript version 6. There is stack buffer overflow in jsonparsearray in mjs.c...
EUVD-2025-177319
Malicious code in parse-array-slow-emulate-notify npm...
Linux Distros Unpatched Vulnerability : CVE-2025-38307
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Verify content returned by parseintarray The first element of the returned...
SUSE CVE-2018-0202
clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format .pdf...
SUSE CVE-2018-5686
In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdfparsearray function pdf/pdf-parse.c because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file...
Stack overflow
An issue was discovered in mjs mJS: Restricted JavaScript engine, ES6 JavaScript version 6. There is stack buffer overflow in jsonparsearray in mjs.c...
Cesanta MJS 缓冲区错误漏洞
Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are a small footprint and simple C/C++ interoperability. A security vulnerability exists in Cesanta MJS mJS: Restricted JavaScript engine...
Cesanta MJS 缓冲区错误漏洞
Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are a small footprint and simple C/C++ interoperability. A stack overflow vulnerability exists in parsearray in Cesanta MJS version 1.20.1...
Artifex Software MuPDF 'pdf_parse_array' function infinite loop vulnerability
Artifex Software MuPDF is a free, lightweight PDF reader from Artifex Software, USA. An infinite loop vulnerability exists in the 'pdfparsearray' function of the pdf/pdf-parse.c file in MuPDF version 1.12.0. A remote attacker can exploit this vulnerability to cause a denial of service application...
UBUNTU-CVE-2018-5686
In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdfparsearray function pdf/pdf-parse.c because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file...
PT-2018-17083 · Artifex · Mupdf
Name of the Vulnerable Software and Affected Versions: MuPDF version 1.12.0 Description: The issue is related to an infinite loop vulnerability and application hang in the pdf parse array function, located in pdf/pdf-parse.c, due to the failure to consider the End Of File EOF. This allows remote...