GStreamer 缓冲区错误漏洞

GStreamer is the GStreamer open source set of frameworks for processing streaming media. GStreamer suffers from a buffer error vulnerability that stems from an out-of-bounds write vulnerability found in the gstssaparseremoveoverridecodes function in the gstssaparse.c file...

The vulnerability of the Parse() function in the Golang programming language, related to integer overflow, allows attackers to cause a service failure.

The vulnerability of the Parse function in the Golang programming language is related to an infinite loop with integer overflow. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

ROS-20241203-01

The Go programming language vulnerability is related to errors in processing special characters "" in the in the context of CSS. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code A vulnerability in the Parse function of the Golang programming...

sqlparse: parsing heavily nested list leads to denial of service

A flaw was found in sqlparse. This issue occurs in a heavily nested list in sqlparse.parse, where a recursion error may be triggered, which can lead to a denial of service...

go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion

A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion...

ROS-20241001-10

A vulnerability in the Parse function of the Go programming language is related to uncontrolled recursion. Exploitation exploitation of the vulnerability could allow a remote attacker to cause a denial of service. A vulnerability in the Decoder.Decode function of the Go programming language is...

go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion

A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion...

The vulnerability of the `cv::XMLParser::parse` function in the `modules/core/src/persistence.cpp` file of the OpenCV library, a open-source computer vision and image processing software, relates to pointer dereferencing errors. This vulnerability allows attackers to trigger a service denial.

The vulnerability of the cv::XMLParser::parse function in the modules/core/src/persistence.cpp file of the OpenCV library, which is used for computer vision, image processing, and general numerical algorithms, is related to pointer dereferencing errors. Exploiting this vulnerability could allow a...

The vulnerability of the Parse function in the Go programming language, which allows a hacker to trigger a service failure

The vulnerability of the Parse function in the Go programming language is related to an uncontrolled recursion. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures...

CVE-2024-34158

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion...

PT-2024-6107 · Go +10 · Go +10

Name of the Vulnerable Software and Affected Versions: Go versions prior to 1.23.1 and 1.22.1 Description: The issue is related to the Parse function in the Go programming language, which can cause a panic due to stack exhaustion when dealing with deeply nested literals in Go source code. This ca...

CVE-2024-39853

adolphdudu ratio-swiper 0.0.2 was discovered to contain a prototype pollution via the function parse. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

Swiper Security Vulnerabilities

Swiper is a free mobile touch slider by Vladimir Kharlampidi personal developer. It is intended for use in mobile websites, mobile web applications and mobile native applications. A security vulnerability exists in Swiper version v0.0.2, which stems from the inclusion of prototype contamination v...

PT-2024-28701 · Unknown · Ratio-Swiper

Name of the Vulnerable Software and Affected Versions: ratio-swiper version 0.0.2 Description: The issue allows attackers to execute arbitrary code or cause a Denial of Service DoS by injecting arbitrary properties via the parse function, which is vulnerable to prototype pollution. Recommendation...

PT-2024-28316 · Adolph Dudu · Ratio-Swiper

Name of the Vulnerable Software and Affected Versions: adolph dudu ratio-swiper version 0.0.2 Description: The issue allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties through a prototype pollution vulnerability in the parse function...

Google Pixel Security Breach

Google Pixel is a smartphone from Google, Inc. in the United States. A security vulnerability exists in Google Pixel, which stems from a lack of bounds checking in the ProtocolCellIdentityParserV4::Parse module of protocolnetadapter.cpp, which may allow out-of-bounds reads...

PT-2024-26435 · Libyaml · Libyaml

Name of the Vulnerable Software and Affected Versions: libyaml version 0.2.5 Description: The issue affects the function yaml parser parse of the file /src/libyaml/src/parser.c, making libyaml vulnerable to Denial of Service DDOS attacks. Recommendations: As a temporary workaround, consider...

CVE-2024-29651

CVE-2024-29651 is a Prototype Pollution vulnerability in API Dev Tools json-schema-ref-parser (versions 11.0.0 and 11.1.0). The flaw allows remote code execution or denial of service by manipulating Object.prototype via bundle(), parse(), resolve(), or dereference() functions. Affected IBM stack ...

sqlparse 安全漏洞

sqlparse is Python's non-validating SQL parser. It provides support for parsing, splitting, and formatting SQL statements. A security vulnerability exists in sqlparse that stems from an application passing a nested list to sqlparse.parse, resulting in a denial of service...

UBUNTU-CVE-2023-46566

Buffer Overflow vulnerability in msoulier tftpy commit 467017b844bf6e31745138a30e2509145b0c529c allows a remote attacker to cause a denial of service via the parse function in the TftpPacketFactory class...