214 matches found
CVE-2024-58340 LangChain <= 0.3.1 MRKLOutputParser ReDoS
LangChain versions up to and including 0.3.1 contain a regular expression denial-of-service ReDoS vulnerability in the MRKLOutputParser.parse method libs/langchain/langchain/agents/mrkl/outputparser.py. The parser applies a backtracking-prone regular expression when extracting tool actions from...
CVE-2024-58340 LangChain <= 0.3.1 MRKLOutputParser ReDoS
LangChain versions up to and including 0.3.1 contain a regular expression denial-of-service ReDoS vulnerability in the MRKLOutputParser.parse method libs/langchain/langchain/agents/mrkl/outputparser.py. The parser applies a backtracking-prone regular expression when extracting tool actions from...
CVE-2026-0668
Inefficient Regular Expression Complexity vulnerability in Wikimedia Foundation MediaWiki - VisualData Extension allows Regular Expression Exponential Blowup.This issue affects MediaWiki - VisualData Extension: 1.45...
Security Bulletin: Multiple vulnerabilities in IBM® Db2® affect IBM® Db2® Big SQL.
Summary There are multiple vulnerabilities in IBM® Db2® 11.5 used by IBM® Db2® Big SQL 7 on IBM Cloud Pak for Data 4.7 and earlier. Vulnerability Details CVEID:CVE-2015-8383 DESCRIPTION: PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a deni...
PT-2026-22035
Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.10.1 n8n versions prior to 2.9.3 n8n versions prior to 1.123.22 Description n8n, an open source workflow automation platform, contains a critical Remote Code Execution RCE issue in its workflow expression evaluation...
RLSA-2023:2654 Moderate: nodejs:18 security, bug fix, and enhancement update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 18.14.2. Security Fixes: glob-parent: Regular Expression Denial of Service...
Security Bulletin: IBM Maximo Application Suite - Monitor Component uses transformers-4.51.3-py3-none-any.whl which is vulnerable to CVE-2025-3933.
Summary IBM Maximo Application Suite - Monitor Component uses transformers-4.51.3-py3-none-any.whl which is vulnerable to CVE-2025-3933. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-3933 DESCRIPTION: A Regular Expression Deni...
Regular Expression Denial of Service (ReDoS)
Overview valibot is a The modular and type safe schema library for validating structural data Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the EMOJIREGEX. An attacker can cause excessive CPU consumption and disrupt application availability by...
CVE-2025-66020
Valibot helps validate data using a schema. In versions from 0.31.0 to 1.1.0, the EMOJIREGEX used in the emoji action is vulnerable to a Regular Expression Denial of Service ReDoS attack. A short, maliciously crafted string e.g., 100 characters can cause the regex engine to consume excessive CPU...
CVE-2025-66020 Valibot has a ReDoS vulnerability in `EMOJI_REGEX`
Valibot helps validate data using a schema. In versions from 0.31.0 to 1.1.0, the EMOJIREGEX used in the emoji action is vulnerable to a Regular Expression Denial of Service ReDoS attack. A short, maliciously crafted string e.g., 100 characters can cause the regex engine to consume excessive CPU...
CVE-2025-62484 Zoom Workplace Clients - Inefficient Regular Expression Complexity
Inefficient regular expression complexity in certain Zoom Workplace Clients before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access...
GHSA-7F5H-V6XP-FCQ8 Starlette vulnerable to O(n^2) DoS via Range header merging in ``starlette.responses.FileResponse``
Summary An unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette's FileResponse Range parsing/merging logic. This enables CPU exhaustion per request, causing denial‑of‑service for endpoints serving files e.g., StaticFiles or any use of...
EUVD-2014-0512
Malware in sbrugna...
EUVD-2017-15246
Malware in sbrugna...
EUVD-2007-4753
Malware in sbrugna...
EUVD-2011-1945
Malware in sbrugna...
EUVD-2013-7186
Malware in sbrugna...
EUVD-2018-0256
Malware in sbrugna...
EUVD-2013-6960
Malware in sbrugna...
EUVD-2006-0642
Malware in sbrugna...