Spring Security OAuth versions 2.5.x prior to 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client application. A malicious user or attacker can send multiple requests initiating the...
6.5CVSS
6.5AI Score
0.001EPSS
Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template...
7.2CVSS
7.4AI Score
0.006EPSS
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd...
5.3CVSS
6AI Score
0.002EPSS
The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single...
7.5CVSS
8.1AI Score
0.011EPSS
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query...
6.5CVSS
7.2AI Score
0.004EPSS