6935 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from a mac80211 module restriction to inject vhtmcs/nss in ieee80211parsetxradiotap...
json-schema-ref-parser Prototype Pollution issue
A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle, parse, resolve, dereference functions...
GHSA-5F97-H2C2-826Q json-schema-ref-parser Prototype Pollution issue
A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle, parse, resolve, dereference functions...
CVE-2024-29651
A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle, parse, resolve, dereference functions...
CVE-2024-29651
CVE-2024-29651 is a Prototype Pollution vulnerability in API Dev Tools json-schema-ref-parser (versions 11.0.0 and 11.1.0). The flaw allows remote code execution or denial of service by manipulating Object.prototype via bundle(), parse(), resolve(), or dereference() functions. Affected IBM stack ...
Medium: kernel
Issue Overview: A flaw was found in the smb client in the Linux kernel. A potential out-of-bounds error was seen in the smb2parsecontexts function. Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts. CVE-2023-52434 In the Linux kernel, the following vulnerabili...
GHSA-3HVJ-2783-34X2 njwt Prototype Pollution vulnerability
njwt up to v0.4.0 was discovered to contain a prototype pollution in the Parser.prototype.parse method...
USN-6773-1: .NET vulnerabilities
It was discovered that .NET did not properly handle memory in it's Double Parse routine. An attacker could possibly use this issue to achieve remote code execution. CVE-2024-30045 It was discovered that .NET did not properly handle the usage of a shared resource. An attacker could possibly use th...
USN-6773-1 dotnet7, dotnet8 vulnerabilities
It was discovered that .NET did not properly handle memory in it's Double Parse routine. An attacker could possibly use this issue to achieve remote code execution. CVE-2024-30045 It was discovered that .NET did not properly handle the usage of a shared resource. An attacker could possibly use th...
njwt 安全漏洞
njwt is the cleanest JSON Web Token JWT library for Node.js developers. A security vulnerability exists in njwt version v0.4.0 and earlier, which stems from the inclusion of a prototype contamination vulnerability found in the Parser.prototype.parse method...
The vulnerability of the `taprio_parse_tc_entry()` function in the `net/sched/sch_taprio.c` module, part of the network scheduling subsystem of the Linux operating system, allows a attacker to trigger a service failure.
The vulnerability of the taprioparsetcentry function in the net/sched/schtaprio.c module, part of the network scheduling subsystem in the Linux operating system’s kernel, is related to incorrect comparisons. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the hugetlbfs_parse_param() function in the fs/hugetlbfs/inode.c module of the HugeTLB memory management module in the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the hugetlbfsparseparam function in the fs/hugetlbfs/inode.c module of the HugeTLB memory management module in the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
Remote Code Execution (RCE)
microsoft.netcore.app.runtime is vulnerable to Remote Code Execution. The vulnerability is due to a stack buffer overrun in the .NET Double Parse routine. This allows attackers to execute arbitrary code on the affected system by providing malformed input data that is improperly handled by the...
dotnet: stack buffer overrun in Double Parse
A remote code execution vulnerability exists in .NET 7.0 and .NET 8.0. A stack buffer overrun occurs in the .NET Double Parse routine...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to a stack buffer overrun in the Double Parse routine. An attacker can execute arbitrary code by supplying a specially crafted input that triggers the buffer overrun. Remediation Upgrade...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to a stack buffer overrun in the Double Parse routine. An attacker can execute arbitrary code by supplying a specially crafted input that triggers the buffer overrun. Remediation Upgrade...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to a stack buffer overrun in the Double Parse routine. An attacker can execute arbitrary code by supplying a specially crafted input that triggers the buffer overrun. Remediation Upgrade...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to a stack buffer overrun in the Double Parse routine. An attacker can execute arbitrary code by supplying a specially crafted input that triggers the buffer overrun. Remediation Upgrade...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to a stack buffer overrun in the Double Parse routine. An attacker can execute arbitrary code by supplying a specially crafted input that triggers the buffer overrun. Remediation Upgrade...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to a stack buffer overrun in the Double Parse routine. An attacker can execute arbitrary code by supplying a specially crafted input that triggers the buffer overrun. Remediation Upgrade...