40 matches found
Cisco Nexus 3000 and 9000 Series Switches Intermediate System-to-Intermediate System Denial of Service Vulnerability
A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly...
CVE-2025-0868
A vulnerability that could result in Remote Code Execution (RCE) has been found in DocsGPT. Due to improper parsing of JSON data using eval, an unauthorized attacker could send arbitrary Python code to be executed via the /api/remote endpoint. This issue affects DocsGPT: from 0.8.1 through 0.12.0...
CVE-2024-48986
An issue was discovered in MBed OS 6.16.0. Its hci parsing software dynamically determines the length of certain hci packets by reading a byte from its header. Certain events cause a callback, the logic for which allocates a buffer the length of which is determined by looking up the event type in...
CVE-2024-48982
MBed OS 6.16.0 contains a vulnerability in the HCI packet length parsing. The hci parsing software reads a length byte from the packet header and assumes it is >= 3, but does not enforce this. If length
CVE-2024-48984
CVE-2024-48984 affects MBed OS 6.16.0. The issue lies in HCI report parsing: the code dynamically determines the length of a reports list from an input byte and uses that to locate subsequent reports. It does not verify that these addresses stay within the target buffer passed to hciEvtProcessLeE...
CVE-2024-48984
An issue was discovered in MBed OS 6.16.0. When parsing hci reports, the hci parsing software dynamically determines the length of a list of reports by reading a byte from an input stream. It then fetches the length of the first report, uses it to calculate the beginning of the second report, etc...
Out-of-bounds Read
golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack...
CVE-2019-1010182
yaml-rust 0.4.0 and earlier is affected by: Uncontrolled Recursion. The impact is: Denial of service by impossible to catch abort. The component is: YamlLoader::load_from_str function. The attack vector is: Parsing of a malicious YAML document. The fixed version is: 0.4.1 and later...
MGASA-2016-0397 Updated perl-Email-Address packages fix security vulnerability
Pali Rohár discovered a possible DoS attack in any software which uses the Email::Address Perl module for parsing string input to a list of email addresses. Note that this issue has only been partially mitigated in Email::Address itself...
libav / ffmpeg multiple security vulnerabilities
Multiple memory corruptions on different media formats parsing...
libmagic / file / fileinfo / PHP security vulnerabilities
Vulnerabilities in ELF parsing...
Mooplayer buffer overflow
Buffer overflow on .m3u files parsing...
Google Chrome / Chromium multiple security vulnerabilities
Multiple vulnerabilities on HTML and different formats parsing...
LibAVCodec / FFMpeg / VLC index array overflow
Index array overflow on AMV files parsing...
quagga BGP daemon DoS
A few DoS conditions on BGP traffic parsing...
bogofilter DoS
Crash on message parsing...
libgdiplus / Mono multiple integer overflows
Multiple integer overflows on BMP, JPEG, TIFF parsing...
python-cjson buffer overflow
Buffer overflow on python script parsing...
Xerox WorkCentre 4150 DoS
Assert on PJL parsing...