Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
json project vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-18848
The json-jwt gem prior to 1.11.0 for Ruby lacks an element count during the splitting of a JWE string.
Json-jwt Project Json-jwt
Debian Debian Linux 9.0
5
CVSSv2
CVE-2019-15550
An issue exists in the simd-json crate prior to 0.1.15 for Rust. There is an out-of-bounds read and an incorrect crossing of a page boundary.
Simdjson Project Simdjson
7.5
CVSSv2
CVE-2019-10173
It was found that xstream API version 1.4.10 prior to 1.4.11 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote malicious user to run arbitrary shell commands when unmarshalling XML or any support...
Xstream Project Xstream 1.4.10
Oracle Banking Platform 2.4.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 2.2.0.0.0
Oracle Endeca Information Discovery Studio 3.2.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Communications Unified Inventory Management 7.4.0
Oracle Retail Xstore Point Of Service 17.0
Oracle Utilities Framework
Oracle Communications Diameter Signaling Router
Oracle Communications Unified Inventory Management 7.3.0
Oracle Banking Platform
Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3.0.9.0
Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0.0.3.0
Oracle Business Activity Monitoring 12.2.1.3.0
Oracle Business Activity Monitoring 11.1.1.9.0
Oracle Endeca Information Discovery Studio 3.2.0.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
2 Github repositories
5
CVSSv2
CVE-2019-1010239
DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusual or Exceptional Conditions. The impact is: Null dereference, so attack can cause denial of service. The component is: cJSON_GetObjectItemCaseSensitive() function. The attack vector is: crafted json file. The f...
Cjson Project Cjson 1.7.8
Oracle Timesten In-memory Database
1 Article
5
CVSSv2
CVE-2019-1010083
The Pallets Project Flask prior to 1.0 is affected by: unexpected memory usage. The impact is: denial of service. The attack vector is: crafted encoded JSON data. The fixed version is: 1. NOTE: this may overlap CVE-2018-1000656.
Palletsprojects Flask
4 Github repositories
7.5
CVSSv2
CVE-2019-12966
FeHelper through 2019-06-19 allows arbitrary code execution during a JSON format operation, as demonstrated by the {"a":(function(){confirm(1)})()} input.
Fehelper Project Fehelper
7.5
CVSSv2
CVE-2013-7285
Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote malicious user to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported format. e.g. JSON.
Xstream Project Xstream
Xstream Project Xstream 1.4.10
1 EDB exploit
4 Github repositories
7.5
CVSSv2
CVE-2019-11834
cJSON prior to 1.7.11 allows out-of-bounds access, related to \x00 in a string literal.
Cjson Project Cjson
Oracle Timesten In-memory Database
7.5
CVSSv2
CVE-2019-11835
cJSON prior to 1.7.11 allows out-of-bounds access, related to multiline comments.
Cjson Project Cjson
Oracle Timesten In-memory Database
5.8
CVSSv2
CVE-2018-17937
gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote malicious users to execute arbitrary code on embedded platforms via traffic on Port 2947/TCP or crafted JSON inputs.
Gpsd Project Gpsd
Microjson Project Microjson
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »