99 matches found
CVE-2025-8217
The Amazon Q Developer Visual Studio Code VS Code extension v1.84.0 contains inert, injected code designed to call the Q Developer CLI. The code executes when the extension is launched within the VS Code environment; however the injected code contains a syntax error which prevents it from making ...
CVE-2025-8217
CVE-2025-8217 documents describe a vulnerability in the Amazon Q Developer VS Code extension. The v1.84.0 extension contains inert, injected code intended to call the Q Developer CLI, which executes when the extension is launched in VS Code, but the injected code has a syntax error that prevents ...
PT-2025-31362
Name of the Vulnerable Software and Affected Versions Amazon Q Developer Visual Studio Code VS Code extension version 1.84.0 Description The Amazon Q Developer Visual Studio Code VS Code extension v1.84.0 contains injected code intended to call the Q Developer CLI. This code executes upon extensi...
CVE-2025-6083
In ExtremeCloud Universal ZTNA, a syntax error in the 'searchKeyword' condition caused queries to bypass the ownerid filter. This issue may allow users to search data across the entire table instead of being restricted to their specific ownerid...
CVE-2025-6083
In ExtremeCloud Universal ZTNA, a syntax error in the 'searchKeyword' condition caused queries to bypass the ownerid filter. This issue may allow users to search data across the entire table instead of being restricted to their specific ownerid...
CVE-2025-6083 ExtremeCloud Universal ZTNA Improper Authorization
In ExtremeCloud Universal ZTNA, a syntax error in the 'searchKeyword' condition caused queries to bypass the ownerid filter. This issue may allow users to search data across the entire table instead of being restricted to their specific ownerid...
CVE-2025-6083
CVE-2025-6083 affects ExtremeCloud Universal ZTNA. A syntax error in the searchKeyword condition allows queries to bypass the owner_id filter, potentially letting a user search data across the entire table instead of constraints tied to their owner_id. The available connected sources consistently...
PT-2025-25448
Name of the Vulnerable Software and Affected Versions ExtremeCloud Universal ZTNA affected versions not specified Description A syntax error in the searchKeyword condition allows queries to bypass the owner id filter. This issue may enable users to search data across the entire table, rather than...
CVE-2024-52797
CVE-2024-52797 affects Opencast (open-source video capture/distribution platform). The issue arises from Elasticsearch query construction that can become syntactically invalid in relation to valid prior queries, triggering a retry loop that repeatedly reissues the same invalid query. This infinit...
CURL-CVE-2024-7264 ASN.1 date parser overread
libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the time fraction, leading to a strlen getting performed on a pointer to a heap buffer area that i...
Oracle Linux 9 : thunderbird (ELSA-2023-4955)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-4955 advisory. 102.15.0-1.0.1 - Update to 102.15.0 build1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...
CVE-2023-4578
When calling JS::CheckRegExpSyntax a Syntax Error could have been set which would end in calling convertToRuntimeErrorAndClear. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Synt...
CVE-2023-4578
When calling JS::CheckRegExpSyntax a Syntax Error could have been set which would end in calling convertToRuntimeErrorAndClear. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Synt...
DEBIAN-CVE-2023-4578
When calling JS::CheckRegExpSyntax a Syntax Error could have been set which would end in calling convertToRuntimeErrorAndClear. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Synt...
Design/Logic Flaw
When calling JS::CheckRegExpSyntax a Syntax Error could have been set which would end in calling convertToRuntimeErrorAndClear. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Synt...
CVE-2023-4578
CVE-2023-4578 affects Firefox and Thunderbird: a failure in JS::CheckRegExpSyntax could mishandle an out-of-memory (OOM) condition as a Syntax Error, potentially leading to crashes. Affected versions are Firefox < 117, Firefox ESR < 115.2, and Thunderbird
CVE-2023-4578
When calling JS::CheckRegExpSyntax a Syntax Error could have been set which would end in calling convertToRuntimeErrorAndClear. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Synt...
CVE-2023-4578
When calling JS::CheckRegExpSyntax a Syntax Error could have been set which would end in calling convertToRuntimeErrorAndClear. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Synt...
CVE-2023-4578
When calling JS::CheckRegExpSyntax a Syntax Error could have been set which would end in calling convertToRuntimeErrorAndClear. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Synt...
Mozilla: Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception
The Mozilla Foundation Security Advisory describes this flaw as: When calling JS::CheckRegExpSyntax a Syntax Error could have been set which would end in calling convertToRuntimeErrorAndClear. A path in the function could attempt to allocate memory when none is available which would have caused a...