
19 matches found

CNNVD
added 2026/05/10 12:0 a.m., 4 views

PHP Buffer Error Vulnerability

PHP is an open-source scripting language executed on the server side. Versions of PHP prior to 8.2.31, 8.3.31, 8.4.21, and 8.5.6 contained a buffer error vulnerability. This vulnerability stemmed from the use of the metaphone function, which used signed integer variables to track the current...

CVSS 7.5, AI score 6, EPSS 0.00069
Exploits 0, References 1
EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2025-17087

Malicious code in bioql PyPI...

CVSS 6.2, AI score 6.6, EPSS 0.00034
Exploits 0, References 2
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2022-1773

Malicious code in bioql PyPI...

CVSS 7.5, AI score 6.8, EPSS 0.01863
Exploits 1, References 15
RedhatCVE
added 2025/06/08 7:19 a.m., 12 views

CVE-2025-48904

Vulnerability that cards can call unauthorized APIs in the FRS process. Impact: Successful exploitation of this vulnerability may affect availability...

CVSS 6.2, AI score 4.6, EPSS 0.00034
Exploits 0, References 1
RedhatCVE
added 2025/05/22 9:11 p.m., 3 views

CVE-2021-27603

An RFC enabled function module SPIWAITMILLIS in SAP NetWeaver AS ABAP, versions - 731, 740, 750, allows to keep a work process busy for any length of time. An attacker could call this function module multiple times to block all work processes thereby causing Denial of Service and affecting the...

CVSS 6.5, AI score 7, EPSS 0.00448
Exploits 0, References 1
Tenable Nessus
added 2025/02/10 12:0 a.m., 4 views

Azure Linux 3.0 Security Update: rubygem-yajl-ruby (CVE-2022-24795)

The version of rubygem-yajl-ruby installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-24795 advisory. - yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the...

CVSS 7.5, AI score 7.8, EPSS 0.01863
Exploits 1, References 2
Tenable Nessus
added 2023/01/10 12:0 a.m., 29 views

EulerOS Virtualization 2.9.1 : yajl (EulerOS-SA-2023-1210)

According to the versions of the yajl package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integ...

CVSS 7.5, AI score 7.8, EPSS 0.01863
Exploits 1, References 2
Tenable Nessus
added 2023/01/10 12:0 a.m., 15 views

EulerOS Virtualization 2.10.0 : yajl (EulerOS-SA-2023-1181)

According to the versions of the yajl package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integ...

CVSS 7.5, AI score 7.8, EPSS 0.01863
Exploits 1, References 2
OpenVAS
added 2022/12/22 12:0 a.m., 7 views

Huawei EulerOS: Security Advisory for yajl (EulerOS-SA-2022-2863)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.5, AI score 7.8, EPSS 0.01863
Exploits 1, References 2
Tenable Nessus
added 2022/12/08 12:0 a.m., 13 views

EulerOS 2.0 SP8 : yajl (EulerOS-SA-2022-2812)

According to the versions of the yajl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow...

CVSS 7.5, AI score 7.8, EPSS 0.01863
Exploits 1, References 2
Tenable Nessus
added 2022/11/22 12:0 a.m., 10 views

Oracle Linux 9 : yajl (ELSA-2022-8252)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-8252 advisory. - yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads to...

CVSS 7.5, AI score 7.8, EPSS 0.01863
Exploits 1, References 2
Tenable Nessus
added 2022/06/17 12:0 a.m., 66 views

EulerOS 2.0 SP5 : yajl (EulerOS-SA-2022-1919)

According to the versions of the yajl package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow whi...

CVSS 7.5, AI score 7.8, EPSS 0.01863
Exploits 1, References 2
UbuntuCve
added 2022/04/05 4:15 p.m., 32 views

CVE-2022-24795

yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads to subsequent heap memory corruption when dealing with large 2GB inputs. The reallocation logic at yajlbuf.cL64 may result in the need 32bit...

CVSS 7.5, AI score 7.2, EPSS 0.01863
Exploits 1, References 5
GitHub Security Blog
added 2022/04/05 3:55 p.m., 29 views

Buffer Overflow in yajl-ruby

NOTE: A previous patch, 1.4.2, fixed the heap memory issue, but could still lead to a DoS infinite loop. Please update to version 1.4.3. The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads to subsequent heap memory corruption when dealing with large 2GB inputs. Detail...

CVSS 7.5, AI score 0.4, EPSS 0.01863
Exploits 1, References 10, Affected Software 1
OSV
added 2022/04/05 3:55 p.m., 31 views

GHSA-JJ47-X69X-MXRM Buffer Overflow in yajl-ruby

NOTE: A previous patch, 1.4.2, fixed the heap memory issue, but could still lead to a DoS infinite loop. Please update to version 1.4.3. The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads to subsequent heap memory corruption when dealing with large 2GB inputs. Detail...

CVSS 5.9, AI score 7.7, EPSS 0.01863
Exploits 1, References 10
Debian CVE
added 2022/04/05 12:0 a.m., 46 views

CVE-2022-24795

yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads to subsequent heap memory corruption when dealing with large 2GB inputs. The reallocation logic at yajlbuf.cL64 may result in the need 32bit...

CVSS 7.5, AI score 8, EPSS 0.01863
Exploits 1
OSV
added 2022/04/05 12:0 a.m., 22 views

CVE-2022-24795 Buffer Overflow and Integer Overflow in yajl-ruby

yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads to subsequent heap memory corruption when dealing with large 2GB inputs. The reallocation logic at yajlbuf.cL64 may result in the need 32bit...

CVSS 5.9, AI score 7.6, EPSS 0.01863
Exploits 1, References 9
RubySec
added 2022/04/05 12:0 a.m., 25 views

Reallocation bug can trigger heap memory corruption

The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads to subsequent heap memory corruption when dealing with large 2GB inputs. Details The reallocation logic at yajlbuf.cL64 may result in the need 32bit integer wrapping to 0 when need approaches a value of 0x80000000...

CVSS 7.5, AI score 1.2, EPSS 0.01863
Exploits 1, References 1, Affected Software 1
Vulnrichment
added 2022/04/05 12:0 a.m., 2 views

CVE-2022-24795 Buffer Overflow and Integer Overflow in yajl-ruby

yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads to subsequent heap memory corruption when dealing with large 2GB inputs. The reallocation logic at yajlbuf.cL64 may result in the need 32bit...

CVSS 5.9, AI score 8.2, EPSS 0.01863
Exploits 1, References 7