6914 matches found

NVD
added 2025/09/27 5:15 a.m. | 1 view

CVE-2025-10954

Versions of the package github.com/nyaruka/phonenumbers before 1.2.2 are vulnerable to Improper Validation of Syntactic Correctness of Input in the phonenumbers.Parse function. An attacker can cause a panic by providing crafted input causing a "runtime error: slice bounds out of range"...

CVSS 7.5 | EPSS 0.00138
Exploits: 1 | References: 3

Vulnrichment
added 2025/09/27 5:0 a.m. | 2 views

CVE-2025-10954

Versions of the package github.com/nyaruka/phonenumbers before 1.2.2 are vulnerable to Improper Validation of Syntactic Correctness of Input in the phonenumbers.Parse function. An attacker can cause a panic by providing crafted input causing a "runtime error: slice bounds out of range"...

CVSS 6.9 | AI score 6.5 | EPSS 0.00138
Exploits: 1 | References: 3

Cvelist
added 2025/09/27 5:0 a.m. | 6 views

CVE-2025-10954

Versions of the package github.com/nyaruka/phonenumbers before 1.2.2 are vulnerable to Improper Validation of Syntactic Correctness of Input in the phonenumbers.Parse function. An attacker can cause a panic by providing crafted input causing a "runtime error: slice bounds out of range"...

CVSS 6.9 | EPSS 0.00138
Exploits: 1 | References: 3

CVE
added 2025/09/27 5:0 a.m. | 13 views

CVE-2025-10954

The CVE-2025-10954 entry concerns the Go package github.com/nyaruka/phonenumbers prior to version 1.2.2, where the phonenumbers.Parse() function may panic due to improper validation of input syntax, causing a runtime slice bounds error. Affected component: phonenumbers.Parse() in the library; roo...

CVSS 7.5 | AI score 6.5 | EPSS 0.00138
Exploits: 1 | References: 3 | Affected Software: 1

IBM Security Bulletins
added 2025/09/27 3:16 a.m. | 3 views

Security Bulletin: Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError.

Summary Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError. Vulnerability Details CVEID:CVE-2024-4340 DESCRIPTION: Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError. CWE:CWE-674: Uncontrolled Recursio...

CVSS 7.5 | AI score 6.5 | EPSS 0.10881
Exploits: 0 | Affected Software: 1

Positive Technologies
added 2025/09/27 12:0 a.m. | 2 views

PT-2025-39710

Name of the Vulnerable Software and Affected Versions github.com/nyaruka/phonenumbers versions prior to 1.2.2 Description The package contains an issue related to improper validation of input syntax within the phonenumbers.Parse function. Providing specifically crafted input can lead to a panic,...

CVSS 6.9 | AI score 6.7 | EPSS 0.00138
Exploits: 1 | References: 10

RedhatCVE
added 2025/09/26 8:51 p.m. | 4 views

CVE-2025-57324

parse is a package designed to parse JavaScript SDK. A Prototype Pollution vulnerability in the SingleInstanceStateController.initializeState function of parse version 5.3.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of...

CVSS 6.5 | AI score 6.6 | EPSS 0.0018
Exploits: 0 | References: 1

RedhatCVE
added 2025/09/26 2:48 p.m. | 5 views

CVE-2025-10948

A vulnerability has been found in MikroTik RouterOS 7. This affects the function parse_json_element of the file /rest/ip/address/print of the component libjson.so. The manipulation leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the...

CVSS 9 | AI score 8.8 | EPSS 0.00297
Exploits: 0 | References: 1

OSV
added 2025/09/26 2:20 p.m. | 3 views

CLSA-2025-1758896397 php: Fix of CVE-2017-9228

CVE-2017-9228: fix heap out-of-bounds write in bitset_set_range and parse_char_class functions...

CVSS 9.8 | AI score 6.9 | EPSS 0.00533
Exploits: 1 | References: 1

OSV
added 2025/09/26 1:23 p.m. | 4 views

CLSA-2025-1758892982 php: Fix of CVE-2017-9228

CVE-2017-9228: fix heap out-of-bounds write in bitset_set_range and parse_char_class functions...

CVSS 9.8 | AI score 5.8 | EPSS 0.00533
Exploits: 1 | References: 1

OSV
added 2025/09/26 1:23 p.m. | 5 views

CLSA-2025-1758892974 php: Fix of CVE-2017-9228

CVE-2017-9228: fix heap out-of-bounds write in bitset_set_range and parse_char_class functions...

CVSS 9.8 | AI score 6.9 | EPSS 0.00533
Exploits: 1 | References: 1

Snyk
added 2025/09/26 11:44 a.m. | 3 views

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the ParseScript function in the Diagnostic Message Handler component of script_parser.cpp. An attacker can execute arbitrary code or cause a denial of service by providing a specially crafted argument to...

CVSS 5.3 | AI score 7.8 | EPSS 0.00037
Exploits: 1 | References: 2

Snyk
added 2025/09/26 11:44 a.m. | 4 views

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the ParseScript function in the Diagnostic Message Handler component of script_parser.cpp. An attacker can execute arbitrary code or cause a denial of service by providing a specially crafted argument to...

CVSS 7.8 | AI score 6 | EPSS 0.00037
Exploits: 1 | References: 2

CVE
added 2025/09/26 11:32 a.m. | 12 views

CVE-2025-11012

BehaviorTree.CPP before 4.7.0 is affected by a vulnerability in the Diagnostic Message Handler’s ParseScript function (src/script_parser.cpp). Improper manipulation of the error_msgs_buffer can cause a stack-based buffer overflow. Exploitation is local, and public disclosures and a patch referenc...

CVSS 7.8 | AI score 6.7 | EPSS 0.00037
Exploits: 1 | References: 7 | Affected Software: 1

SUSE Linux
added 2025/09/26 9:30 a.m. | 3 views

Security update for net-tools

This update for net-tools fixes the following issues: Fixed stack buffer overflow in parsehex, procgenfmt, ax25 and netrom bsc1248687 Fixed stack overflow in ax25 and netrom bsc1248687 CVE-2025-46836: Fixed stack buffer overflow caused by the absence of bound checks bsc1243581 Patch Instructions:...

CVSS 6.6 | AI score 7.5 | EPSS 0.00171
Exploits: 0 | References: 12

Vulnrichment
added 2025/09/26 2:32 a.m. | 1 view

CVE-2025-10996 Open Babel smilesformat.cpp ParseSmiles heap-based overflow

A vulnerability was detected in Open Babel up to 3.1.1. This issue affects the function OBSmilesParser::ParseSmiles of the file /src/formats/smilesformat.cpp. Performing manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit is now public and ma...

CVSS 5.3 | AI score 6.7 | EPSS 0.00042
Exploits: 1 | References: 5

Fedora
added 2025/09/26 1:24 a.m. | 4 views

[SECURITY] Fedora 41 Update: mingw-expat-2.7.2-1.fc41

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

CVSS 7.5 | AI score 7 | EPSS 0.00113
Exploits: 1

IBM Security Bulletins
added 2025/09/25 4:59 p.m. | 11 views

Security Bulletin: IBM Guardium Data Security Center is affected by multiple vulnerabilities

Summary IBM Guardium Data Security Center has addressed these vulnerabilities with an update. Vulnerability Details CVEID:CVE-2021-43784 DESCRIPTION: runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a...

CVSS 7.5 | AI score 8.1 | EPSS 0.05222
Exploits: 1 | Affected Software: 1

NVD
added 2025/09/25 2:15 p.m. | 4 views

CVE-2025-10948

A vulnerability has been found in MikroTik RouterOS 7. This affects the function parse_json_element of the file /rest/ip/address/print of the component libjson.so. The manipulation leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the...

CVSS 9 | EPSS 0.00297
Exploits: 0 | References: 5

Vulnrichment
added 2025/09/25 2:2 p.m. | 3 views

CVE-2025-10948 MikroTik RouterOS libjson.so print parse_json_element buffer overflow

A vulnerability has been found in MikroTik RouterOS 7. This affects the function parse_json_element of the file /rest/ip/address/print of the component libjson.so. The manipulation leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the...

CVSS 9 | AI score 8.7 | EPSS 0.00297
Exploits: 0 | References: 5