Amlib NetOpacs 安全漏洞

Amlib NetOpacs is a catalog module in a library management system from Amlib UK. A security vulnerability exists in Amlib NetOpacs that stems from an unrestricted HTTP GET parameter input length that could lead to a stack buffer overflow and control flow hijacking...

github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input

A flaw was found in Expr. This vulnerability allows excessive memory usage and potential out-of-memory OOM crashes via unbounded input strings, where a malicious or inadvertent large expression can cause the parser to construct an extremely large Abstract Syntax Tree AST, consuming excessive memo...

Memory Exhaustion in Expr Parser with Unrestricted Input

...

GO-2025-3525 Memory Exhaustion in Expr Parser with Unrestricted Input in github.com/expr-lang/expr

Memory Exhaustion in Expr Parser with Unrestricted Input in github.com/expr-lang/expr...

CVE-2025-29786 Memory Exhaustion in Expr Parser with Unrestricted Input

Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of the expression. In scenarios wher...

horde-imp.txt

Hi, this bug we discovered recently. HORDE 1.2.0 $from-bug and how to exploit with IMP 2.2.0 Disclaimer: This is intended as a paper for sysadmins who want to secure their systems. It is NOT a how to for scriptkiddies to run any attack on a IMP-using site. The authors of this text will not be hel...