8 matches found
CVE-2026-57234
A flaw was found in Nokogiri, an XML and HTML library for Ruby. The NONET parse option, intended to prevent external resource fetching, was not correctly enforced in the JRuby implementation of Nokogiri::XML::Schema. This oversight could allow a specially crafted XML schema to fetch external...
CVE-2025-70102
CVE-2025-70102 describes a NULL pointer dereference in Roy Marples NetworkConfiguration/dhcpcd 10.3.0 during option parsing (parse_option in src/if-options.c:1886). The issue occurs when a NULL pointer of type struct dhcp_opt is accessed after an unexpected/invalid option token or parsing state y...
EUVD-2022-48113
Malicious code in bioql PyPI...
CVE-2022-45213
perfSONAR before 4.4.6 inadvertently supports the parse option for a file:// URL...
SUSE CVE-2024-45775
A flaw was found in grub2 where the grubextcmddispatcher function calls grubarglistalloc to allocate memory for the grub's argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the parseoption function, leading...
DEBIAN-CVE-2024-45775
A flaw was found in grub2 where the grubextcmddispatcher function calls grubarglistalloc to allocate memory for the grub's argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the parseoption function, leading...
Code injection
perfSONAR before 4.4.6 inadvertently supports the parse option for a file:// URL...
perfSONAR 安全漏洞
perfSONAR is a widely deployed test and measurement infrastructure used by scientific networks and facilities around the world to monitor and ensure network performance. A security vulnerability exists in perfSONAR versions prior to 4.4.6, which stems from the ability to use the "parse" option on...