Lucene search
K

12 matches found

Snyk
Snyk
added 2026/03/23 6:14 p.m.5 views

Out-of-bounds Read

Overview github.com/shamaton/msgpack/v2/time is a None Affected versions of this package are vulnerable to Out-of-bounds Read. due to improper validation of input in the fixext process. An attacker can cause the application to panic and terminate unexpectedly by sending specially crafted...

8.7CVSS5.8AI score
Exploits0References3
Snyk
Snyk
added 2026/03/23 6:14 p.m.4 views

Out-of-bounds Read

Overview github.com/shamaton/msgpack/v2/internal/decoding is a Affected versions of this package are vulnerable to Out-of-bounds Read. due to improper validation of input in the fixext process. An attacker can cause the application to panic and terminate unexpectedly by sending specially crafted...

8.7CVSS5.8AI score
Exploits0References3
Snyk
Snyk
added 2026/03/16 8:27 p.m.4 views

Out-of-bounds Read

Overview github.com/shamaton/msgpack/v2/internal/decoding is a Affected versions of this package are vulnerable to Out-of-bounds Read. via the Unmarshal, UnmarshalAsMap, UnmarshalAsArray, and Marshal functions, which invoke Decode. An attacker can cause a panic with truncated fixext data that...

8.7CVSS6.7AI score0.01036EPSS
Exploits2References3
Snyk
Snyk
added 2026/01/22 10:50 p.m.4 views

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to the lack of JWT authentication middleware and RBAC authorization checks in the routing configuration for /api/v1/jobs endpoint. An attacker can view, update, and delete jobs by sending...

9.8CVSS5.6AI score0.00713EPSS
Exploits1References2
Snyk
Snyk
added 2025/10/17 4:43 p.m.2 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the processing of malicious JSON payloads in the request handling process. An attacker can exhaust system memory and CPU resources by sending specially crafted JSON objects that, when deserialized, consume...

8.7CVSS7AI score0.00655EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/19 12:0 a.m.5 views

PT-2025-33883

Name of the Vulnerable Software and Affected Versions: SolidInvoice versions prior to 2.4.1 Description: A security flaw has been discovered in SolidInvoice. The impacted element is an unknown function within the /clients file of the Clients Module. Manipulation of the Name argument results in...

5.4CVSS3.7AI score0.00264EPSS
Exploits1References11
Snyk
Snyk
added 2024/05/01 3:39 a.m.2 views

Divide By Zero

Overview Affected versions of this package are vulnerable to Divide By Zero due to the blendtransformedtiledargb.isra.0 function. An attacker can cause the application to crash by triggering a floating point exception. Remediation Upgrade lunasvg to version 2.4.1 or higher. References - GitHub...

7.5CVSS6.9AI score0.00611EPSS
Exploits1References2
Snyk
Snyk
added 2024/05/01 3:39 a.m.2 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write due to a segmentation violation in the compositionsolidsource component. An attacker can cause a denial of service. Remediation Upgrade lunasvg to version 2.4.1 or higher. References - GitHub Issue Credit: keepinggg...

6.5CVSS6.8AI score0.00297EPSS
Exploits1References2
Snyk
Snyk
added 2024/05/01 3:39 a.m.4 views

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow due to improper handling of certain inputs in the element.h component. An attacker can trigger this vulnerability by supplying specially crafted input to the application. Remediation Upgrade lunasvg to versio...

6.5CVSS7AI score0.00306EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/06/15 12:0 a.m.4 views

PT-2022-3256 · Argo Cd · Argo Cd

Name of the Vulnerable Software and Affected Versions: Argo CD versions 1.0.0 through 2.4.0 Argo CD versions 2.1.0 through 2.1.15 Argo CD versions 2.2.0 through 2.2.9 Argo CD versions 2.3.0 through 2.3.4 Description: Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The...

10CVSS6.1AI score0.00909EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2019/02/05 12:0 a.m.1 views

PT-2019-18582 · Rukovoditel · Rukovoditel

Name of the Vulnerable Software and Affected Versions: Rukovoditel versions prior to 2.4.1 Description: The issue allows for XSS. Recommendations: For versions prior to 2.4.1, update to version 2.4.1 or later to resolve the issue...

6.1CVSS6.2AI score0.05559EPSS
Exploits5References5
Positive Technologies
Positive Technologies
added 2012/10/10 12:0 a.m.6 views

PT-2012-5410 · Opencryptoki +1 · Opencryptoki +1

Name of the Vulnerable Software and Affected Versions: openCryptoki versions prior to 2.4.1 Description: The issue allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the .pkapi xpk or .pkcs11spinloc file in /tmp. This is possible when using...

6.2CVSS5.9AI score0.01029EPSS
Exploits0References26
Rows per page
Query Builder