PT-2023-35078 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.19 through v6.1.6 Description: A memory leak issue was discovered in the msm_mdss_parse_data_bus_icc_path function. The actual impact and attack plausibility have not yet been proven. This issue was introduced in...
The vulnerability of the Cookie.parse() function in the CookieJar library allows a hacker to induce a service failure.
The vulnerability of the Cookie.parse function in the CookieJar library is related to errors in the use of regular expressions. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
CVE-2023-25584
An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils...
PT-2023-35899 · Libraw · Libraw
Name of the Vulnerable Software and Affected Versions: LibRaw affected versions not specified Description: The issue is related to an index-out-of-bounds crash. Technical details about the crash include the involvement of specific functions: apply_tiff, parse_jpeg, and identify. Recommendations: ...
CVE-2022-45492
Buffer overflow vulnerability in function json_parse_number in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 November 14, 2022 allows attackers to execute arbitrary code and gain escalated privileges...
CVE-2022-45496
Buffer overflow vulnerability in function json_parse_string in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 November 14, 2022 allows attackers to execute arbitrary code and gain escalated privileges...
CVE-2022-45493
Buffer overflow vulnerability in function json_parse_key in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 November 14, 2022 allows attackers to execute arbitrary code and gain escalated privileges...
AZL-74517 CVE-2022-45493 affecting package suitesparse 7.11.0-1
Buffer overflow vulnerability in function json_parse_key in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 November 14, 2022 allows attackers to execute arbitrary code and gain escalated privileges...
AZL-74514 CVE-2022-45492 affecting package suitesparse 7.11.0-1
Buffer overflow vulnerability in function json_parse_number in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 November 14, 2022 allows attackers to execute arbitrary code and gain escalated privileges...
AZL-74523 CVE-2022-45496 affecting package suitesparse 7.11.0-1
Buffer overflow vulnerability in function json_parse_string in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 November 14, 2022 allows attackers to execute arbitrary code and gain escalated privileges...
CVE-2023-22474
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Parse Server uses the request header x-forwarded-for to determine the client IP address. If Parse Server doesn't run behind a proxy server, then a client can set this header and Parse Server wi...
Cross site request forgery (csrf)
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Parse Server uses the request header x-forwarded-for to determine the client IP address. If Parse Server doesn't run behind a proxy server, then a client can set this header and Parse Server wi...
CVE-2023-22474 Parse Server is vulnerable to authentication bypass via spoofing
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Parse Server uses the request header x-forwarded-for to determine the client IP address. If Parse Server doesn't run behind a proxy server, then a client can set this header and Parse Server wi...
CVE-2023-22474
Parse Server (Node.js backend) is affected by CVE-2023-22474 due to trusting the client IP from the x-forwarded-for header when not behind a proxy, allowing bypass of the masterKeyIps security check. The issue has been fixed in version 5.4.1, where IP address determination was rewritten and the t...
UBUNTU-CVE-2023-23088
Buffer OverFlow Vulnerability in Barenboim json-parser master and v1.1.0 fixed in v1.1.1 allows an attacker to execute arbitrary code via the json_value_parse function...
json.h buffer error vulnerability
json.h is a simple single header solution for parsing JSON in C and C++ from the individual developer Neil Henning. A security vulnerability exists in sheredom json.h that stems from the json_parse_key function found to contain a buffer overflow vulnerability. An attacker can exploit this...
json-parser buffer error vulnerability
json-parser is a standard JSON parser in C from the individual developer xiehan. A security vulnerability exists in Barenboim json-parser version v1.1.0, which can be exploited by an attacker to execute arbitrary code via the json_value_parse function...