88 matches found
Mozilla: Out of bound read in Date.parse()
Due to confusion processing a hyphen character in Date.parse, a one-byte out of bounds read could have occurred, leading to potential information disclosure. This vulnerability affects Firefox 78...
Information Disclosure
parse is vulnerable to information disclosure. The setPassword function stores the user's password in localStorage as raw text, allowing a user to access the localStorage and obtain the password...
Mozilla Firefox Buffer Overflow Vulnerability (CNVD-2020-44565)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A buffer overflow vulnerability exists in Date.parse in versions prior to Mozilla Firefox 78. An attacker can exploit this vulnerability to obtain sensitive information...
PT-2020-19961 · Npm +2 · Url-Parse +2
Name of the Vulnerable Software and Affected Versions: url-parse versions 1.4.4 and earlier Description: The issue is related to insufficient validation and sanitization of user input in the url-parse npm package, which may allow an attacker to bypass security checks. Recommendations: For version...
CVE-2018-3774
Incorrect parsing in url-parse 1.4.3 returns wrong hostname which leads to multiple vulnerabilities such as SSRF, Open Redirect, Bypass Authentication Protocol...
Remote Code Execution
mongo-parse is vulnerable to remote code execution RCE. A malicious user can inject and execute arbitrary code due to the lack of sanitization of user input before executing the eval function...
UBUNTU-CVE-2015-8858
The uglify-js package before 2.6.0 for Node.js allows attackers to cause a denial of service CPU consumption via crafted input in a parse call, aka a "regular expression denial of service ReDoS."...
CVE-2016-4539
The xmlparseintostruct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service buffer under-read and segmentation fault or possibly have unspecified other impact via crafted XML data in the second argument,...