45 matches found

Positive Technologies
added 2023/10/31 12:00 a.m. · 3 views

PT-2023-29936 · Unknown · Px4-Autopilot

Name of the Vulnerable Software and Affected Versions: PX4-Autopilot versions 1.14.0-rc1 and prior Description: The issue is related to a heap buffer overflow vulnerability in the parser function of PX4-Autopilot due to the absence of parserbuf index value checking. This can cause unexpected dron...

CVSS 9.8 · AI score 9.4 · EPSS 0.00304
Exploits: 1 · References: 6
SUSE CVE
added 2023/02/15 5:59 a.m. · 1 view

SUSE CVE-2010-1869

Stack-based buffer overflow in the parser function in GhostScript 8.70 and 8.64 allows context-dependent attackers to execute arbitrary code via a crafted PostScript file...

CVSS 9.3 · AI score 8.3 · EPSS 0.21941
Exploits: 0 · References: 7
SUSE CVE
added 2023/02/15 4:10 a.m. · 2 views

SUSE CVE-2019-13288

In Xpdf 4.01.01, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646...

CVSS 5.5 · AI score 9.2 · EPSS 0.31539
Exploits: 1 · References: 3
Cvelist
added 2022/11/30 2:35 p.m. · 15 views

CVE-2022-1911 Information disclosure in M-Files Server

Error in parser function in M-Files Server versions before 22.6.11534.1 and before 22.6.11505.0 allowed unauthenticated access to some information of the underlying operating system...

CVSS 5.3 · AI score 5.5 · EPSS 0.00298
Exploits: 0 · References: 3
Positive Technologies
added 2022/11/30 12:00 a.m. · 2 views

PT-2022-14188

Name of the Vulnerable Software and Affected Versions: M-Files Server versions before 22.6.11534.1; M-Files Server versions before 22.6.11505.0 Description: The issue is related to an error in a parser function that allowed unauthenticated access to some information of the underlying operating syste...

CVSS 5.3 · AI score 5.7 · EPSS 0.00298
Exploits: 0 · References: 6
CNVD
added 2022/04/25 12:00 a.m. · 13 views

Accusoft ImageGear out-of-bounds write vulnerability (CNVD-2022-35417)

Accusoft ImageGear is a software development kit (SDK) for image processing from Accusoft, USA. A security vulnerability exists in Accusoft ImageGear that originates from a boundary error when handling untrusted input in the TIFF YCbCr image parser function. An attacker can exploit the vulnerabilit...

CVSS 9.8 · AI score 8.9 · EPSS 0.01038
Exploits: 1 · References: 1
OSV
added 2022/04/11 8:15 p.m. · 0 views

CVE-2022-26094

Null pointer dereference vulnerability in parserauxC function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker...

CVSS 9.8 · AI score 5.8
Exploits: 0 · References: 1
NVD
added 2022/04/11 8:15 p.m. · 10 views

CVE-2022-26097

Null pointer dereference vulnerability in parserunknownproperty function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker...

CVSS 9.8 · EPSS 0.00298
Exploits: 0 · References: 1
OSV
added 2021/10/06 9:15 p.m. · 16 views

CVE-2021-42040

An issue was discovered in MediaWiki through 1.36.2. A parser function related to loop control allowed for an infinite loop and php-fpm hang within the Loops extension because egLoopsCountLimit is mishandled. This could lead to memory exhaustion...

CVSS 7.5 · AI score 6.7
Exploits: 0 · References: 2
UbuntuCve
added 2021/10/06 9:15 p.m. · 26 views

CVE-2021-42040

An issue was discovered in MediaWiki through 1.36.2. A parser function related to loop control allowed for an infinite loop and php-fpm hang within the Loops extension because egLoopsCountLimit is mishandled. This could lead to memory exhaustion...

CVSS 7.5 · AI score 6.7 · EPSS 0.00328
Exploits: 0 · References: 3
Prion
added 2021/10/06 9:15 p.m. · 10 views

Design/Logic Flaw

An issue was discovered in MediaWiki through 1.36.2. A parser function related to loop control allowed for an infinite loop and php-fpm hang within the Loops extension because egLoopsCountLimit is mishandled. This could lead to memory exhaustion...

CVSS 5 · AI score 7.4 · EPSS 0.00328
Exploits: 0 · References: 2 · Affected Software: 1
CNNVD
added 2021/06/10 12:00 a.m. · 1 view

JerryScript security vulnerability

JerryScript is a lightweight JavaScript engine. A security vulnerability exists in parserparsefunctionarguments in /home/JerryScript/jerry-core/parser/js/js-parser.c in JerryScript version 2.2.0. No details of the vulnerability are provided at this time...

CVSS 7.5 · AI score 5.5 · EPSS 0.00303
Exploits: 1 · References: 1
Talos
added 2021/04/19 12:00 a.m. · 178 views

Synology DSM synoagentregisterd server finder out-of-bounds write vulnerability

Summary: An out-of-bounds write vulnerability exists in the synoagentregisterd server finder functionality of Synology DSM 6.2.3 25426 DS120j. A specially crafted HTTP response can lead to remote code execution. An attacker can use man-in-the-middle techniques to trigger this vulnerability. Tested...

AI score 8.7
Exploits: 0
OSV
added 2020/06/18 7:15 p.m. · 0 views

CVE-2020-12886

A buffer over-read was discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sncoapparseroptionsparse parses the CoAP packet header starting from the message token. The length of the token in the received message is...

CVSS 9.1 · AI score 7.5 · EPSS 0.00559
Exploits: 0 · References: 2
Prion
added 2020/02/24 11:15 p.m. · 11 views

Input validation

An issue was discovered in the Widgets extension through 1.4.0 for MediaWiki. Improper title sanitization allowed for the execution of any wiki page as a widget as defined by this extension via MediaWiki's widget: parser function...

CVSS 5.5 · AI score 5.6 · EPSS 0.00388
Exploits: 1 · References: 2 · Affected Software: 1
NVD
added 2019/09/09 5:15 p.m. · 11 views

CVE-2019-16166

GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c...

CVSS 6.5 · AI score 6.5 · EPSS 0.00513
Exploits: 0 · References: 1
OSV
added 2019/09/09 5:15 p.m. · 6 views

CVE-2019-16165

GNU cflow through 1.6 has a use-after-free in the reference function in parser.c...

CVSS 6.5 · AI score 6.7
Exploits: 0 · References: 1
Prion
added 2019/09/09 5:15 p.m. · 13 views

Heap overflow

GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c...

CVSS 4.3 · AI score 6.5 · EPSS 0.00513
Exploits: 0 · References: 1 · Affected Software: 1
Debian CVE
added 2019/07/04 9:06 p.m. · 76 views

CVE-2019-13288

In Xpdf 4.01.01, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646...

CVSS 5.5 · AI score 5.3 · EPSS 0.31539
Exploits: 1
UbuntuCve
added 2018/09/06 12:00 a.m. · 34 views

CVE-2018-16646

In Poppler 0.68.0, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack...

CVSS 6.5 · AI score 6.7 · EPSS 0.02049
Exploits: 1 · References: 3