Lucene search

6863 matches found

RedhatCVE
added 2024/05/21 8:27 p.m., 17 views

CVE-2024-29651

A prototype pollution flaw was found in the API Dev Tools json-schema-ref-parser. This flaw allows a remote attacker to cause a denial of service, cross-site scripting, or arbitrary code execution via the bundle, parse, resolve, and dereference functions. Mitigation: Mitigation for this issue is either not...

CVSS 5.6, AI score 8, EPSS 0.0324
Exploits 0, References 4
OSV
added 2024/05/21 3:15 p.m., 1 views

DEBIAN-CVE-2021-47395

In the Linux kernel, the following vulnerability has been resolved: mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap Limit max values for vht mcs and nss in ieee80211_parse_tx_radiotap routine in order to fix the following warning reported by syzbot: WARNING: CPU: 0 PID: 10717 at...

CVSS 5.5, AI score 5.3, EPSS 0.00012
Exploits 0, References 1
OSV
added 2024/05/21 3:15 p.m., 1 views

DEBIAN-CVE-2021-47257

In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: fix null deref in parse dev addr Fix a logic error that could result in a null deref if the user sets the mode incorrectly for the given addr type...

CVSS 5.5, AI score 5.7, EPSS 0.00012
Exploits 0, References 1
OSV
added 2024/05/21 3:15 p.m., 21 views

CVE-2021-47257

In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: fix null deref in parse dev addr Fix a logic error that could result in a null deref if the user sets the mode incorrectly for the given addr type...

CVSS 5.5, AI score 6.9
Exploits 0, References 7
OSV
added 2024/05/21 3:15 p.m., 0 views

UBUNTU-CVE-2021-47257

In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: fix null deref in parse dev addr Fix a logic error that could result in a null deref if the user sets the mode incorrectly for the given addr type...

CVSS 5.5, AI score 6.4, EPSS 0.00012
Exploits 0, References 10
Cvelist
added 2024/05/21 2:19 p.m., 16 views

CVE-2021-47257 net: ieee802154: fix null deref in parse dev addr

In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: fix null deref in parse dev addr Fix a logic error that could result in a null deref if the user sets the mode incorrectly for the given addr type...

AI score 6.4, EPSS 0.00012
Exploits 0, References 7
Vulnrichment
added 2024/05/21 2:19 p.m., 20 views

CVE-2021-47257 net: ieee802154: fix null deref in parse dev addr

In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: fix null deref in parse dev addr Fix a logic error that could result in a null deref if the user sets the mode incorrectly for the given addr type...

AI score 6.8, EPSS 0.00012
Exploits 0, References 7
OSV
added 2024/05/21 9:53 a.m., 4 views

CLSA-2024-1716272110 ncurses: Fix of CVE-2023-50495

CVE-2023-50495: check return value of _nc_save_str from upstream patch 20230424, add validity checks in _nc_parse_entry from upstream patch 20170826...

CVSS 6.5, AI score 6.6, EPSS 0.00051
Exploits 0, References 1
CNNVD
added 2024/05/21 12:0 a.m., 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from a mac80211 module restriction to inject vht mcs/nss in ieee80211_parse_tx_radiotap...

CVSS 5.5, AI score 6.3, EPSS 0.00012
Exploits 0, References 9
Github Security Blog
added 2024/05/20 6:31 p.m., 24 views

json-schema-ref-parser Prototype Pollution issue

A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle, parse, resolve, dereference functions...

CVSS 8.1, AI score 8.1, EPSS 0.0324
Exploits 0, References 4, Affected Software 1
OSV
added 2024/05/20 6:31 p.m., 14 views

GHSA-5F97-H2C2-826Q json-schema-ref-parser Prototype Pollution issue

A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle, parse, resolve, dereference functions...

CVSS 8.1, AI score 7, EPSS 0.0324
Exploits 0, References 4
NVD
added 2024/05/20 6:15 p.m., 10 views

CVE-2024-29651

A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle, parse, resolve, dereference functions...

CVSS 8.1, AI score 7.4, EPSS 0.0324
Exploits 0, References 1
CVE
added 2024/05/20 5:15 p.m., 132 views

CVE-2024-29651

CVE-2024-29651 is a Prototype Pollution vulnerability in API Dev Tools json-schema-ref-parser (versions 11.0.0 and 11.1.0). The flaw allows remote code execution or denial of service by manipulating Object.prototype via bundle(), parse(), resolve(), or dereference() functions. Affected IBM stack ...

CVSS 8.1, AI score 7.7, EPSS 0.0324
Exploits 0, References 1
Amazon
added 2024/05/20 12:0 a.m., 1 views

Medium: kernel

Issue Overview: A flaw was found in the smb client in the Linux kernel. A potential out-of-bounds error was seen in the smb2_parse_contexts function. Validate offsets and lengths before dereferencing create contexts in smb2_parse_contexts. CVE-2023-52434 In the Linux kernel, the following vulnerabili...

CVSS 8, AI score 5.7, EPSS 0.00094
Exploits 0
OSV
added 2024/05/16 6:30 p.m., 0 views

GHSA-3HVJ-2783-34X2 njwt Prototype Pollution vulnerability

njwt up to v0.4.0 was discovered to contain a prototype pollution in the Parser.prototype.parse method...

CVSS 8.7, AI score 5.8, EPSS 0.00078
Exploits 0, References 5
Ubuntu
added 2024/05/16 1:40 p.m., 44 views

USN-6773-1: .NET vulnerabilities

It was discovered that .NET did not properly handle memory in its Double Parse routine. An attacker could possibly use this issue to achieve remote code execution. CVE-2024-30045 It was discovered that .NET did not properly handle the usage of a shared resource. An attacker could possibly use th...

CVSS 6.3, AI score 7.9, EPSS 0.00509
Exploits 0
OSV
added 2024/05/16 1:40 p.m., 8 views

USN-6773-1 dotnet7, dotnet8 vulnerabilities

It was discovered that .NET did not properly handle memory in its Double Parse routine. An attacker could possibly use this issue to achieve remote code execution. CVE-2024-30045 It was discovered that .NET did not properly handle the usage of a shared resource. An attacker could possibly use th...

CVSS 6.3, AI score 6.8, EPSS 0.00509
Exploits 0, References 3
CNNVD
added 2024/05/16 12:0 a.m., 2 views

njwt security vulnerability

njwt is the cleanest JSON Web Token (JWT) library for Node.js developers. A security vulnerability exists in njwt version v0.4.0 and earlier, which stems from a prototype pollution vulnerability found in the Parser.prototype.parse method...

CVSS 5.9, AI score 6.5, EPSS 0.00078
Exploits 0, References 2
BDU FSTEC
added 2024/05/16 12:0 a.m., 1 views

The vulnerability of the `taprio_parse_tc_entry()` function in the `net/sched/sch_taprio.c` module, part of the network scheduling subsystem of the Linux operating system, allows an attacker to trigger a service failure.

The vulnerability of the taprio_parse_tc_entry function in the net/sched/sch_taprio.c module, part of the network scheduling subsystem in the Linux operating system’s kernel, is related to incorrect comparisons. Exploiting this vulnerability could allow an attacker to cause service failures...

CVSS 5.5, AI score 6.2, EPSS 0.00022
Exploits 0, References 16, Affected Software 3
BDU FSTEC
added 2024/05/16 12:0 a.m., 1 views

The vulnerability of the hugetlbfs_parse_param() function in the fs/hugetlbfs/inode.c module of the HugeTLB memory management module in the Linux operating system allows an attacker to cause a service failure.

The vulnerability of the hugetlbfs_parse_param function in the fs/hugetlbfs/inode.c module of the HugeTLB memory management module in the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 4.7, AI score 6.1, EPSS 0.00021
Exploits 0, References 22, Affected Software 4