Lucene search
K

9 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in ujson

UltraJSON is a fast JSON encoder and decoder written in pure C, with bindings for Python 3.7+. It was found that affected versions incorrectly decoded certain characters. JSON strings containing escaped surrogate characters that were not part of a valid surrogate pair were decoded incorrectly. Th...

7.5CVSS7AI score0.02283EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/06 12:0 a.m.7 views

PT-2026-23623

A vulnerability was found in HSC Cybersecurity Mailinspector up to 5.3.2-3. Affected by this issue is some unknown functionality of the file /mailinspector/mliUserValidation.php of the component URL Handler. The manipulation of the argument error description results in cross site scripting. The...

5.3CVSS4.3AI score0.00269EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2022-6334

Malicious code in bioql PyPI...

5.9CVSS6.2AI score0.01682EPSS
Exploits0References12
OSV
OSV
added 2025/07/17 9:19 p.m.8 views

GHSA-9RCW-C2F9-2J55 OpenZeppelin Contracts Bytes's lastIndexOf function with position argument performs out-of-bound memory access on empty buffers

Impact The lastIndexOfbytes,byte,uint256 function of the Bytes.sol library may access uninitialized memory when the following two conditions hold: 1 the provided buffer length is empty i.e. buffer.length == 0 and position is not 2256 - 1 i.e. pos != typeuint256.max. The pos argument could be used...

6.9CVSS6.7AI score0.00334EPSS
Exploits0References5
Snyk
Snyk
added 2025/04/09 12:30 p.m.2 views

Improper Input Validation

Overview org.apache.poi:poi-ooxml is a Java API To Access Microsoft Format Files. Affected versions of this package are vulnerable to Improper Input Validation due to the parsing process of OOXML format files. An attacker can manipulate the file content by adding zip entries with duplicate names,...

6.9CVSS6.7AI score0.01237EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/05/02 12:0 a.m.6 views

PT-2023-22456 · Zammad · Zammad

Name of the Vulnerable Software and Affected Versions: Zammad versions 5.3.x through 5.3.x Description: The issue allows an authenticated attacker with agent and customer roles to perform unauthorized changes on articles where they only have customer permissions, due to incorrect access control...

6.5CVSS7AI score0.01035EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2022/12/07 8:28 p.m.13 views

python-ujson: improper decoding of escaped surrogate characters may lead to string corruption, key confusion or value overwriting

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Affected versions were found to improperly decode certain characters. JSON strings that contain escaped surrogate characters not part of a proper surrogate pair were decoded incorrectly. Besides corrupti...

7.5CVSS7.3AI score0.02283EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2022/12/07 7:19 p.m.4 views

python-ujson: Potential double free of buffer during string decoding

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. In versions prior to 5.4.0 an error occurring while reallocating a buffer for string decoding can cause the buffer to get freed twice. Due to how UltraJSON uses the internal decoder, this double free is...

5.9CVSS7.4AI score0.01682EPSS
Exploits0References5
OSV
OSV
added 2022/07/05 6:15 p.m.1 views

DEBIAN-CVE-2022-31116

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Affected versions were found to improperly decode certain characters. JSON strings that contain escaped surrogate characters not part of a proper surrogate pair were decoded incorrectly. Besides corrupti...

7.5CVSS7.5AI score0.02283EPSS
Exploits1References1
Rows per page
Query Builder