25 matches found
CVE-2026-34717 OpenProject: SQL Injection in Cost Reporting =n Operator via parse_number_string
OpenProject is an open-source, web-based project management software. Prior to version 17.2.3, the =n operator in modules/reporting/lib/report/operator.rb:177 embeds user input directly into SQL WHERE clauses without parameterization. This issue has been patched in version 17.2.3...
EUVD-2021-13012
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2024-38517
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h whe...
CVE-2022-45492
Buffer overflow vulnerability in function jsonparsenumber in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 November 14, 2022 allows attackers to code arbitrary code and gain escalated privileges...
The vulnerability of the GenericReader::ParseNumber() function in the RapidJSON library for processing JSON files on Windows operating systems allows a malicious individual to escalate their privileges.
The vulnerability of the GenericReader::ParseNumber function in the RapidJSON library for processing JSON files on Windows operating systems is related to integer overflow. Exploiting this vulnerability can allow an attacker to enhance their privileges through the use of a specially created...
OESA-2024-1857 rapidjson security update
RapidJSON as a fast JSON parser which generator for c++. Its inspired by RapidXML. Its supports both SAX & DOM style API. Its small but complete. Its fast, Its preformance can be comparabel to strlen. Its self-contained. It doesnt depend on external libraries such as BOOST. Its Unicode and memory...
SUSE CVE-2024-38517
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...
AZL-45330 CVE-2024-38517 affecting package opencc 1.1.1-3
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...
AZL-43315 CVE-2024-39684 affecting package ceph for versions less than 16.2.10-5
Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer...
AZL-45423 CVE-2024-39684 affecting package opencc 1.1.1-3
Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer...
AZL-43245 CVE-2024-38517 affecting package rapidjson for versions less than 1.1.0-8
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...
AZL-43300 CVE-2024-38517 affecting package rapidjson for versions less than 1.1.0-8
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...
AZL-43618 CVE-2024-39684 affecting package opencc 1.1.1-3
Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer...
AZL-43297 CVE-2024-39684 affecting package rapidjson for versions less than 1.1.0-8
Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer...
DEBIAN-CVE-2024-38517
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...
UBUNTU-CVE-2024-39684
Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer...
Integer Overflow to Buffer Overflow
Overview Affected versions of this package are vulnerable to Integer Overflow to Buffer Overflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h file. An attacker can elevate privileges by sending a crafted file that triggers the overflow when parsed. Remediation There is...
PT-2024-5552 · Tencent +4 · Rapidjson +4
Name of the Vulnerable Software and Affected Versions: Tencent RapidJSON affected versions not specified Description: The issue is related to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. This can be exploited b...
AZL-74514 CVE-2022-45492 affecting package suitesparse 7.11.0-1
Buffer overflow vulnerability in function jsonparsenumber in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 November 14, 2022 allows attackers to code arbitrary code and gain escalated privileges...
CVE-2022-45492
Buffer overflow vulnerability in function jsonparsenumber in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 November 14, 2022 allows attackers to code arbitrary code and gain escalated privileges...