
6944 matches found

CNNVD
added 2025/06/09 12:0 a.m. · 2 views

GNU PSPP security vulnerability

GNU PSPP is an application for data sampling, statistics and analysis from the US GNU community. A security vulnerability exists in GNU PSPP that stems from a release of non-heap memory in the function parse_variables_option...

CVSS 5.3 · AI score 5.3 · EPSS 0.00136
Exploits: 0 · References: 6
CNNVD
added 2025/06/09 12:0 a.m. · 2 views

GNU PSPP buffer error vulnerability

GNU PSPP is a free statistical software used as an alternative to the commercial software SPSS for data analysis and statistics. GNU PSPP suffers from a buffer overflow vulnerability that originates in the parse_variables_option function in the utilities/pspp-convert.c file. No detailed vulnerabili...

CVSS 5.3 · AI score 7.2 · EPSS 0.00136
Exploits: 0 · References: 6
CNNVD
added 2025/06/09 12:0 a.m. · 2 views

Metabase security vulnerability

Metabase is an open source data analytics platform from the US-based Metabase, Inc. A security vulnerability exists in Metabase version 54.10, which stems from an inefficient regular expression complexity in the function parseDataUri...

CVSS 7.5 · AI score 4.7 · EPSS 0.00502
Exploits: 1 · References: 6
Positive Technologies
added 2025/06/09 12:0 a.m. · 3 views

PT-2025-24568 · Gnu +1 · Gnu Pspp +1

Name of the Vulnerable Software and Affected Versions: GNU PSPP version 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Description: A critical issue has been discovered, affecting the parse_variables_option function in the utilities/pspp-convert.c file. This leads to an out-of-bounds write. The attack...

CVSS 5.3 · AI score 4.9 · EPSS 0.00136
Exploits: 0 · References: 17
BDU FSTEC
added 2025/06/04 12:0 a.m. · 4 views

The vulnerability of the radeon_vce_cs_parse() function in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the radeon_vce_cs_parse() function in the Linux operating system’s kernel is related to the use of an uninitialized pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 5.5 · AI score 6.7 · EPSS 0.00165
Exploits: 0 · References: 14 · Affected software: 6
BDU FSTEC
added 2025/06/04 12:0 a.m. · 4 views

The vulnerability of the validate_nla() and __nla_validate_parse() functions in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the validate_nla() and __nla_validate_parse() functions in the Linux operating system kernel is related to a memory leak. Exploiting this vulnerability could allow an attacker to cause a system failure...

CVSS 5.5 · AI score 6.3 · EPSS 0.00185
Exploits: 0 · References: 12 · Affected software: 7
OSSF Malicious Packages
added 2025/06/03 6:54 a.m. · 3 views

Malicious code in https-parse (npm)

Source: ghsa-malware (ef1ec069afa771aee14fdc9cedd50a8db0d66030e38f15897a5816782e20a892). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0 · References: 1
OSV
added 2025/06/03 6:54 a.m. · 3 views

MAL-2025-4644 Malicious code in https-parse (npm)

Source: ghsa-malware (ef1ec069afa771aee14fdc9cedd50a8db0d66030e38f15897a5816782e20a892). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0 · References: 1
Positive Technologies
added 2025/06/01 12:0 a.m. · 2 views

PT-2025-34089 · Gnu +1 · Gpac +1

A vulnerability in the gf_parse_lfrac function of the MP4Box utility of the GPAC multimedia platform is related to a NULL pointer dereference. Exploiting the vulnerability could allow an attacker to cause a denial of service...

CVSS 4.6 · AI score 7.3
Exploits: 0 · References: 4
OSSF Malicious Packages
added 2025/05/30 12:59 a.m. · 3 views

Malicious code in http-parse (npm)

Source: ghsa-malware (3ccd584e4eb76b2b7e3035e858a3af89bdbdf42190aef321dffd99632232fab5). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0 · References: 1
OSV
added 2025/05/30 12:59 a.m. · 1 views

MAL-2025-4597 Malicious code in http-parse (npm)

Source: ghsa-malware (3ccd584e4eb76b2b7e3035e858a3af89bdbdf42190aef321dffd99632232fab5). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0 · References: 1
Positive Technologies
added 2025/05/30 12:0 a.m. · 1 views

PT-2025-29027

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to the ASoC Advanced Linux Sound Architecture Intel audio subsystem. Specifically, the parse int array function does not adequately validate t...

CVSS 5.5 · AI score 6.5 · EPSS 0.00145
Exploits: 0
RedHat Linux
added 2025/05/29 6:42 a.m. · 2 views

libsoup: Out of bounds reads in soup_headers_parse_request()

A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bounds read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server...

CVSS 7.5 · AI score 7.2 · EPSS 0.00787
Exploits: 0 · References: 4
SUSE CVE
added 2025/05/28 3:22 a.m. · 3 views

SUSE CVE-2025-5204

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::ParseSkinLump3DGSMDL7 of the file assimp/code/AssetLib/MDL/MDLMaterialLoader.cpp. The manipulation leads to out-of-bounds read. Attacking locally is a...

CVSS 7.8 · AI score 3.4 · EPSS 0.00221
Exploits: 1 · References: 3
AlpineLinux
added 2025/05/26 9:15 p.m. · 3 views

CVE-2025-5204

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::ParseSkinLump3DGSMDL7 of the file assimp/code/AssetLib/MDL/MDLMaterialLoader.cpp. The manipulation leads to out-of-bounds read. Attacking locally is a...

CVSS 7.8 · AI score 7.3 · EPSS 0.00221
Exploits: 1 · References: 6
CNNVD
added 2025/05/26 12:0 a.m. · 2 views

Assimp buffer error vulnerability

Assimp is an open source library used to import and export various 3D model formats. A buffer error vulnerability exists in Assimp version 5.4.3, which stems from an out-of-bounds read problem in function MDLImporter::ParseSkinLump3DGSMDL7 in file...

CVSS 7.8 · AI score 4.4 · EPSS 0.00221
Exploits: 1 · References: 6
Snyk
added 2025/05/23 3:43 p.m. · 4 views

Out-of-bounds Read

Overview: Affected versions of this package are vulnerable to Out-of-bounds Read via the parse_string function. An attacker can cause a denial of service by sending a malformed JSON input that lacks a trailing newline when cJSON_ParseWithLength is called. PoC sh "1":1, with no trailing newline...

CVSS 5.5 · AI score 6.9 · EPSS 0.00221
Exploits: 1 · References: 2
RedhatCVE
added 2025/05/23 10:22 a.m. · 4 views

CVE-2024-39317

Wagtail is an open source content management system built on Django. A bug in Wagtail's parse_query_string would result in it taking a long time to process suitably crafted inputs. When used to parse sufficiently long strings of characters without a space, parse_query_string would take an unexpectedl...

CVSS 6.5 · AI score 6.8 · EPSS 0.0061
Exploits: 0
RedhatCVE
added 2025/05/23 8:55 a.m. · 5 views

CVE-2024-29027

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 6.5.5 and 7.0.0-alpha.29, calling an invalid Parse Server Cloud Function name or Cloud Job name crashes the server and may allow for code injection, internal store manipulatio...

CVSS 9 · AI score 7.6 · EPSS 0.01188
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/23 8:44 a.m. · 4 views

CVE-2024-23082

ThreeTen Backport v1.6.8 was discovered to contain an integer overflow via the component org.threeten.bp.format.DateTimeFormatter::parse(CharSequence, ParsePosition). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a...

AI score 6.7 · EPSS 0.00293
Exploits: 0 · References: 1