OSV-2026-354 Use-of-uninitialized-value in pcpp::MplsLayer::toString

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=489360236 Crash type: Use-of-uninitialized-value Crash state: pcpp::MplsLayer::toString FuzzTarget.cpp pcpp::RawPacket::RawPacket...

EUVD-2021-2489

Malware in sbrugna...

EUVD-2022-5887

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-22095

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString method, will create a new String object from the...

CVE-2021-22095

In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString method, will create a new String object from the message body, regardless of its size. This can cause an OOM Error with a large message...

Twig 安全漏洞

Twig is a PHP template engine open-sourced by Twig. Twig has a security vulnerability that stems from the fact that when an object is part of an array or parameter list in a sandbox, an attacker can call the toString method on the object even if the security policy does not allow it...

SUSE CVE-2005-0141

Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "with a custom getter and toString method" that are middle-clicked by the user to be opened in a new tab...

Unhandled crash in npm posix

This affects all versions of package posix. When invoking the toString method, it will fallback to 0x0 value, as the value of toString is not invokable not a function, and then it will crash with type-check...

CVE-2022-21211

This affects all versions of package posix. When invoking the toString method, it will fallback to 0x0 value, as the value of toString is not invokable not a function, and then it will crash with type-check...

Design/Logic Flaw

This affects all versions of package posix. When invoking the toString method, it will fallback to 0x0 value, as the value of toString is not invokable not a function, and then it will crash with type-check...

CVE-2022-21211

CVE-2022-21211 affects the npm package posix (all versions) and is caused by the toString method not being invokable, causing a crash (DoS) when the code falls back to a 0x0 value. The vulnerability has public discussion and proof-of-concept material (e.g., a Snyk overview with a PoC) and multipl...

CVE-2022-21211 Denial of Service (DoS)

This affects all versions of package posix. When invoking the toString method, it will fallback to 0x0 value, as the value of toString is not invokable not a function, and then it will crash with type-check...

GHSA-FX7F-RJQJ-52PJ Deserialization of Untrusted Data in Spring AMQP

In Spring AMQP versions 2.2.0 - 2.2.18 and 2.3.0 - 2.3.10, the Spring AMQP Message object, in its toString method, will deserialize a body for a message with content type application/x-java-serialized-object. It is possible to construct a malicious java.util.Dictionary object that can cause 100%...

CVE-2021-22095

In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString method, will create a new String object from the message body, regardless of its size. This can cause an OOM Error with a large message...

UBUNTU-CVE-2021-22095

In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString method, will create a new String object from the message body, regardless of its size. This can cause an OOM Error with a large message...

CVE-2021-22095

In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString method, will create a new String object from the message body, regardless of its size. This can cause an OOM Error with a large message...

Design/Logic Flaw

The WifiEnterpriseConfig class in net/wifi/WifiEnterpriseConfig.java in Wi-Fi in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 includes a password in the return value of a toString method call, which allows attackers to obtain sensitive information vi...

Adobe Flash TextField Variable - Use-After Free

Exploit for windows platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=583 If a TextField variable is set to a value with toString defined, and the TextField is updated, a use-after-free can occur if the toString method frees the TextField's...

Adobe Flash TextField.gridFitType Setter - Use-After-Free

Exploit for windows platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=559 There is a use-after-free in the TextField gridFitType setter. If it is set to an object with a toString method that frees the TextField, the property will be written...

Adobe Flash TextField.gridFitType Setter - Use-After-Free

Adobe Flash TextField.gridFitType Setter - Use-After-Free Source: https://code.google.com/p/google-security-research/issues/detail?id=559 There is a use-after-free in the TextField gridFitType setter. If it is set to an object with a toString method that frees the TextField, the property will be...