6945 matches found
CLSA-2025-1758892982 php: Fix of CVE-2017-9228
CVE-2017-9228: fix heap out-of-bounds write in bitset_set_range and parse_char_class functions...
CLSA-2025-1758892974 php: Fix of CVE-2017-9228
CVE-2017-9228: fix heap out-of-bounds write in bitset_set_range and parse_char_class functions...
Stack-based Buffer Overflow
Overview: Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the ParseScript function in the Diagnostic Message Handler component of script_parser.cpp. An attacker can execute arbitrary code or cause a denial of service by providing a specially crafted argument to...
CVE-2025-11012
BehaviorTree.CPP before 4.7.0 is affected by a vulnerability in the Diagnostic Message Handler’s ParseScript function (src/script_parser.cpp). Improper manipulation of the error_msgs_buffer can cause a stack-based buffer overflow. Exploitation is local, and public disclosures and a patch referenc...
Security update for net-tools
This update for net-tools fixes the following issues: Fixed stack buffer overflow in parse_hex, proc_gen_fmt, ax25 and netrom (bsc#1248687); Fixed stack overflow in ax25 and netrom (bsc#1248687); CVE-2025-46836: Fixed stack buffer overflow caused by the absence of bound checks (bsc#1243581). Patch Instructions:...
CVE-2025-10996 Open Babel smilesformat.cpp ParseSmiles heap-based overflow
A vulnerability was detected in Open Babel up to 3.1.1. This issue affects the function OBSmilesParser::ParseSmiles of the file /src/formats/smilesformat.cpp. Performing manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit is now public and ma...
[SECURITY] Fedora 41 Update: mingw-expat-2.7.2-1.fc41
This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...
Security Bulletin: IBM Guardium Data Security Center is affected by multiple vulnerabilities
Summary: IBM Guardium Data Security Center has addressed these vulnerabilities with an update. Vulnerability Details: CVEID: CVE-2021-43784. DESCRIPTION: runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a...
CVE-2025-10948
A vulnerability has been found in MikroTik RouterOS 7. This affects the function parse_json_element of the file /rest/ip/address/print of the component libjson.so. The manipulation leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the...
CVE-2025-10948 MikroTik RouterOS libjson.so print parse_json_element buffer overflow
A vulnerability has been found in MikroTik RouterOS 7. This affects the function parse_json_element of the file /rest/ip/address/print of the component libjson.so. The manipulation leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the...
CVE-2025-10824
A vulnerability was determined in axboe fio up to 3.41. This impacts the function __parse_jobs_ini of the file init.c. Executing manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized...
3vot-salesforce-proxy (>=0.0.1 <=0.1.6), @0x18b2ee/parse-server (>=3.10.1 <=3.11.0) +367 more potentially affected by CVE-2025-57324 via parse (>=1.10.1 <=6.1.1)
parse NPM version =1.10.1, =0.0.1, =3.10.1, =1.1.3, =2.0.0, =1.0.0, =1.0.0, =1.0.5, =2.2.0, =0.0.7, =0.0.18, =0.0.18, =0.0.18, =0.0.19 and more Source cves: CVE-2025-57324 Source advisory: OSV:GHSA-9G8M-V378-PCG3...
Prototype Pollution
Overview: parse is a library that gives you access to the powerful Parse Server backend from your JavaScript app. Affected versions of this package are vulnerable to Prototype Pollution via the initializeState function. An attacker can cause a denial of service by injecting malicious properties in...
parse is vulnerable to prototype pollution
parse is a package designed to parse JavaScript SDK. A Prototype Pollution vulnerability in the SingleInstanceStateController.initializeState function of parse allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum...
GHSA-9G8M-V378-PCG3 parse is vulnerable to prototype pollution
parse is a package designed to parse JavaScript SDK. A Prototype Pollution vulnerability in the SingleInstanceStateController.initializeState function of parse allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum...
CVE-2025-57324
parse is a package designed to parse JavaScript SDK. A Prototype Pollution vulnerability in the SingleInstanceStateController.initializeState function of parse version 5.3.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of...
axboe fio init.c __parse_jobs_ini use after free
...