6 matches found
CVE-2026-40482
ChurchCRM versions prior to 7.2.0 are affected by an authenticated SQL injection in FinancialService::getMemberByScanString(), caused by unsanitized input being concatenated into a raw SQL query used by the endpoint /api/families/byCheckNumber/{scanString}. The issue can impact confidentiality an...
EUVD-2022-3310
Malicious code in bioql PyPI...
FastJson denial of service attack warning-vulnerability warning-the black bar safety net
0x00 Vulnerability background: On 2019 9 November 5, 360CERT observed that on 2019 9 November 3 fastjson commit 995845170527221ca0293cf290e33a7d6cb52bf7 was submitted, intended to fix an issue where a string containing \x escape characters may lead to OOM. 360CERT determine the vulnerabili...
ALPINE-CVE-2014-4616
Array index error in the scanstring function in the json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function...
CVE-2014-4616
Array index error in the scanstring function in the json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function...
UBUNTU-CVE-2014-4616
Array index error in the scanstring function in the json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function...