5 matches found
EUVD-2024-40100
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2014-2525
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the yamlparserscanuriescapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a...
CVE-2024-43191
IBM ManageIQ could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted yaml file request...
Arbitrary Code Execution
js-yaml is vulnerable to arbitrary code execution. The vulnerability exists through the usage of unsafe load function, which allows attackers to inject arbitrary code via a malicious YAML file using objects that have toString as key, JavaScript code as value and are used as explicit mapping keys...
CVE-2014-2525
Heap-based buffer overflow in the yamlparserscanuriescapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file...