27 matches found
ruby4.0-rubygem-globalid-1.2.1-1.9 on GA media (moderate)
ruby4.0-rubygem-globalid-1.2.1-1.9 on GA media Announcement ID: openSUSE-SU-2026:10347-1 Rating: moderate Cross-References: CVE-2023-22799 CVSS scores: CVE-2023-22799 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one...
CVE-2026-22799
creationtimestamp| type| source
---|---|---
2026-01-12 23:03:01+00:00| published-proof-of-concept| Telegram/r1WVj1DWEYgy6-PsI-eM62JB77qRC4LeAFuyHTjHJQG2Eac
2026-01-13 01:33:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcbfxjeoxr2c...
CVE-2021-22799
A CWE-331: Insufficient Entropy vulnerability exists that could cause unintended connection from an internal network to an external network when an attacker manages to decrypt the SESU proxy password from the registry. Affected Product: Schneider Electric Software Update, V2.3.0 through V2.5.1...
ruby3.4-rubygem-globalid-1.2.1-1.7 on GA media (moderate)
ruby3.4-rubygem-globalid-1.2.1-1.7 on GA media Announcement ID: openSUSE-SU-2025:15116-1 Rating: moderate Cross-References: CVE-2023-22799 CVSS scores: CVE-2023-22799 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one...
Linux Distros Unpatched Vulnerability : CVE-2023-22799
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A ReDoS based DoS vulnerability in the GlobalID 1.0.1 which could allow an attacker supplying a carefully crafted input can cause the regular expression engine ...
CVE-2025-22799
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in vertim Neon Product Designer neon-product-designer-for-woocommerce allows SQL Injection. This issue affects Neon Product Designer: from n/a through = 2.2.0...
CVE-2025-22799 WordPress Neon Product Designer Plugin <= 2.2.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in vertim Neon Product Designer neon-product-designer-for-woocommerce allows SQL Injection. This issue affects Neon Product Designer: from n/a through = 2.2.0...
CVE-2025-22799 WordPress Neon Product Designer Plugin <= 2.1.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Vertim Coders Neon Product Designer allows SQL Injection. This issue affects Neon Product Designer: from n/a through 2.1.1...
CVE-2024-30351 Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious pa...
CVE-2024-30351
CVE-2024-30351 concerns Foxit PDF Reader/Editor and relates to Use-After-Free vulnerabilities in AcroForms and Doc objects that can lead to remote code execution. The flaw stems from not validating object existence before performing operations on Doc objects and within AcroForm handling, allowing...
CVE-2024-30351 Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious pa...
openSUSE: Security Advisory for rubygem (SUSE-SU-2023:0328-1)
The remote host is missing an update for the...
Internet Bug Bounty: [CVE-2023-22799] Possible ReDoS based DoS vulnerability in GlobalID
A ReDoS-based DoS vulnerability was discovered in the GlobalID gem, affecting versions 0.2.1 and above. Crafted input could cause the regular expression engine to consume excessive processing time, leading to a denial of service. The issue has been fixed in version 1.0.1...
OESA-2023-1112 rubygem-globalid security update
URIs for your models makes it easy to pass references around. Security Fixes: A ReDoS based DoS vulnerability in the GlobalID 1.0.1 which could allow an attacker supplying a carefully crafted input can cause the regular expression engine to take an unexpected amount of time. All users running an...
OESA-2023-1100 rubygem-globalid security update
URIs for your models makes it easy to pass references around. Security Fixes: A ReDoS based DoS vulnerability in the GlobalID 1.0.1 which could allow an attacker supplying a carefully crafted input can cause the regular expression engine to take an unexpected amount of time. All users running an...
openSUSE 15 Security Update : rubygem-globalid (SUSE-SU-2023:0328-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0328-1 advisory. - A ReDoS based DoS vulnerability in the GlobalID 1.0.1 which could allow an attacker supplying a carefully crafted input can cause the regular expression...
CVE-2023-22799
creationtimestamp| type| source
---|---|---
2023-02-09 22:26:27+00:00| seen| https://t.me/cibsecurity/57873...
DEBIAN-CVE-2023-22799
A ReDoS based DoS vulnerability in the GlobalID 1.0.1 which could allow an attacker supplying a carefully crafted input can cause the regular expression engine to take an unexpected amount of time. All users running an affected release should either upgrade or use one of the workarounds immediate...
SUSE-SU-2023:0328-1 Security update for rubygem-globalid
This update for rubygem-globalid fixes the following issues: - CVE-2023-22799: Fixed ReDoS vulnerability bsc1207587...
CVE-2023-22799
CVE-2023-22799 describes a ReDoS-based DoS in the Ruby GlobalID gem prior to 1.0.1. The vulnerability arises from a crafted input causing the regular expression engine to take excessive time, potentially impacting availability for systems using GlobalID