11 matches found
EUVD-2024-38186
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-39684
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when...
TencentOS Server 4: rapidjson (TSSA-2024:0415)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0415 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
USN-7125-1: RapidJSON vulnerability
It was discovered that RapidJSON incorrectly parsed numbers written in scientific notation, leading to an integer underflow. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code...
USN-7125-1 rapidjson vulnerability
It was discovered that RapidJSON incorrectly parsed numbers written in scientific notation, leading to an integer underflow. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code...
Medium: rapidjson
Issue Overview: Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this...
SUSE CVE-2024-38517
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...
AZL-43300 CVE-2024-38517 affecting package rapidjson for versions less than 1.1.0-8
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...
AZL-43618 CVE-2024-39684 affecting package opencc 1.1.1-3
Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer...
Tencent RapidJSON Security Vulnerability
Tencent RapidJSON is a C++ rapid JSON parser/generator with SAX/DOM style API from Tencent, China. A security vulnerability exists in Tencent RapidJSON, which stems from an integer overflow vulnerability in the GenericReader::ParseNumber function in include/rapidjson/reader.h. An attacker can...
OSV-2021-1384 UNKNOWN WRITE in rapidjson::PrettyWriter<rapidjson::GenericStringBuffer<rapidjson::UTF8<char>, ra
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39337 Crash type: UNKNOWN WRITE Crash state: rapidjson::PrettyWriter, ra bool rapidjson::GenericValue, rapidjson::MemoryPoolAllocat bool rapidjson::GenericValue, rapidjson::MemoryPoolAllocat...