
34 matches found

OSV
added 2021/04/16 6:15 p.m. · 1 views

DEBIAN-CVE-2021-31348

An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str performs incorrect memory handling while parsing crafted XML files (out-of-bounds read after a certain strcspn failure...

CVSS 6.5 · AI score 6.3 · EPSS 0.00858
Exploits: 1 · References: 1
Positive Technologies
added 2020/08/14 12:0 a.m. · 1 views

PT-2020-19723 · Phpjs · Phpjs

Name of the Vulnerable Software and Affected Versions: phpjs versions prior to 1.3.2 and possibly later, as all versions are mentioned as vulnerable in one source, but another source specifies up to 1.3.2. Description: The issue concerns Prototype Pollution via the parse_str function. This affect...

CVSS 9.8 · AI score 9.4 · EPSS 0.0041
Exploits: 1 · References: 3
CNVD
added 2017/04/05 12:0 a.m. · 3 views

libplist 'parse_string_node()' function local denial of service vulnerability

libplist is a small portable C library that handles Apple Property List files in binary or XML. A denial of service vulnerability exists in libimobiledevice libplist version 1.12 in the parse_string_node function in bplist.c, which can cause a denial of service (memory allocation error) by a local us...

CVSS 5 · AI score 5.1 · EPSS 0.00076
Exploits: 1 · References: 1
OSV
added 2017/03/15 2:59 p.m. · 0 views

DEBIAN-CVE-2017-6439

Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file...

CVSS 5 · AI score 6.5 · EPSS 0.0007
Exploits: 1 · References: 1
Snyk
added 2017/03/15 2:59 p.m. · 2 views

Out-of-bounds Write

Overview: Affected versions of this package are vulnerable to Out-of-bounds Write. Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file. Remediation: Ther...

CVSS 5 · AI score 6.8 · EPSS 0.0007
Exploits: 1 · References: 2
OSV
added 2017/03/15 2:59 p.m. · 1 views

UBUNTU-CVE-2017-6435

The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file...

CVSS 5 · AI score 6.8 · EPSS 0.00105
Exploits: 1 · References: 2
OSV
added 2017/03/15 2:59 p.m. · 1 views

DEBIAN-CVE-2017-6436

The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file...

CVSS 5 · AI score 6.7 · EPSS 0.00076
Exploits: 1 · References: 1
OSV
added 2017/03/15 2:59 p.m. · 1 views

DEBIAN-CVE-2017-6435

The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file...

CVSS 5 · AI score 6.3 · EPSS 0.00105
Exploits: 1 · References: 1
Snyk
added 2017/03/15 2:59 p.m. · 1 views

Resource Management Errors

Overview: Affected versions of this package are vulnerable to Resource Management Errors. The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file. Remediation: There is no fixed versi...

CVSS 5 · AI score 6.4 · EPSS 0.00076
Exploits: 1 · References: 2
OSV
added 2016/09/26 2:59 p.m. · 1 views

DEBIAN-CVE-2016-4303

The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow...

CVSS 9.8 · AI score 8.1 · EPSS 0.07577
Exploits: 2 · References: 1
OSV
added 2016/09/26 2:59 p.m. · 2 views

UBUNTU-CVE-2016-4303

The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow...

CVSS 9.8 · AI score 8 · EPSS 0.07577
Exploits: 2 · References: 4
ATTACKERKB
added 2016/09/26 2:59 p.m. · 1 views

CVE-2016-4303

The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow...

CVSS 9.8 · AI score 6.5 · EPSS 0.07577
Exploits: 2 · References: 10
CNVD
added 2015/10/10 12:0 a.m. · 2 views

FreeSWITCH Heap Buffer Overflow Vulnerability

FreeSWITCH is a free, open source communications software developed by American software developer Anthony Minessale. A heap buffer overflow vulnerability exists in the 'parse_string' function in the libs/esl/src/esl_json.c file in FreeSWITCH versions 1.4.21 and earlier, and version 1.6.0. A remote...

CVSS 7.5 · AI score 7.9 · EPSS 0.04091
Exploits: 2 · References: 1
RedHat Linux
added 2005/12/19 5:29 p.m. · 1 views

security flaw

The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting, which causes PHP to set an internal flag that...

CVSS 5 · AI score 6.8 · EPSS 0.09558
Exploits: 0 · References: 4