Lucene search

9309 matches found

NVD
added 2025/10/16 3:15 p.m., 9 views

CVE-2025-41253

The following versions of Spring Cloud Gateway Server Webflux may be vulnerable to the ability to expose environment variables and system properties to attackers. An application should be considered vulnerable when all the following are true: The application is using Spring Cloud Gateway Server...

CVSS 7.5, EPSS 0.00435
Exploits: 0, References: 2

Cvelist
added 2025/10/16 2:25 p.m., 12 views

CVE-2025-41253 Spring Cloud Gateway Webflux SpEL Injection Vulnerability Allowing Exposure of Environment Variables

The following versions of Spring Cloud Gateway Server Webflux may be vulnerable to the ability to expose environment variables and system properties to attackers. An application should be considered vulnerable when all the following are true: The application is using Spring Cloud Gateway Server...

CVSS 7.5, EPSS 0.00435
Exploits: 0, References: 2

Vulnrichment
added 2025/10/16 2:25 p.m., 3 views

CVE-2025-41253 Spring Cloud Gateway Webflux SpEL Injection Vulnerability Allowing Exposure of Environment Variables

The following versions of Spring Cloud Gateway Server Webflux may be vulnerable to the ability to expose environment variables and system properties to attackers. An application should be considered vulnerable when all the following are true: The application is using Spring Cloud Gateway Server...

CVSS 7.5, AI score 6.4, EPSS 0.00435
Exploits: 0, References: 2

Github Security Blog
added 2025/10/16 9:30 a.m., 6 views

Apache Traffic Control has an Inefficient Regular Expression Complexity vulnerability

UNSUPPORTED WHEN ASSIGNED: Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause...

CVSS 7.5, AI score 6.8, EPSS 0.00672
Exploits: 0, References: 4, Affected Software: 1

EUVD
added 2025/10/16 9:30 a.m., 8 views

EUVD-2025-34739

Apache Traffic Control has an Inefficient Regular Expression Complexity vulnerability...

AI score 6.5, EPSS 0.00672
Exploits: 0, References: 3

OSV
added 2025/10/16 9:30 a.m., 2 views

GHSA-9M49-P2J3-C6XM Apache Traffic Control has an Inefficient Regular Expression Complexity vulnerability

UNSUPPORTED WHEN ASSIGNED: Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause...

CVSS 5.3, AI score 6.8, EPSS 0.00672
Exploits: 0, References: 4

Cvelist
added 2025/10/16 8:40 a.m., 7 views

CVE-2025-61581 Apache Traffic Control: ReDoS issue in Traffic Router configuration

UNSUPPORTED WHEN ASSIGNED: Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause...

EPSS 0.00672
Exploits: 0, References: 1

CNNVD
added 2025/10/16 12:0 a.m., 3 views

Icinga 2 security vulnerability

Icinga 2 is an open-source monitoring system from Icinga. A security vulnerability exists in Icinga 2 2.15.0 and earlier versions, which stems from a filter expression that can access unauthorized variables or objects, potentially leading to information disclosure...

CVSS 7.1, AI score 6.2, EPSS 0.00365
Exploits: 0, References: 2

CNNVD
added 2025/10/16 12:0 a.m., 4 views

Spring Cloud Gateway Server Webflux security vulnerability

Spring Cloud Gateway Server Webflux is an open-source gateway server from Spring. A security vulnerability exists in Spring Cloud Gateway Server Webflux that stems from the Spring Expression Language that may expose environment variables and system properties, potentially leading to information...

CVSS 7.5, AI score 6.3, EPSS 0.00435
Exploits: 0, References: 2

Veracode
added 2025/10/15 7:17 a.m., 5 views

Regular Expression Denial Of Service (ReDoS)

Cattown is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability is due to the use of inefficient regular expressions with potentially exponential backtracking complexity, which allows an attacker to craft malicious markdown inputs that cause excessive CPU usage and lead to...

CVSS 8.7, AI score 6.9, EPSS 0.00312
Exploits: 0, References: 5, Affected Software: 1

Snyk
added 2025/10/15 12:0 a.m., 4 views

Expression Language Injection

Overview: Affected versions of this package are vulnerable to Expression Language Injection in route definitions. An attacker with permission to define routes can expose the server's file structure or other sensitive environment variables by crafting a SpEL expression to access sensitive system...

CVSS 8.2, AI score 6.8, EPSS 0.00435
Exploits: 0, References: 2

Snyk
added 2025/10/10 7:41 p.m., 3 views

Regular Expression Denial of Service (ReDoS)

Overview: Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) in the parsing of the If-Match and If-None-Match headers when the ETag method is used in response construction. An attacker can cause excessive resource consumption by sending specially crafted...

CVSS 7.5, AI score 6.8, EPSS 0.00448
Exploits: 1, References: 2

CNNVD
added 2025/10/10 12:0 a.m., 3 views

Common Expression Language input validation error vulnerability

Common Expression Language is an open-source Common Expression Language interpreter written in Rust by cel-rust. An input validation error vulnerability exists in Common Expression Language version 0.10.0 through versions prior to 0.11.4, which stems from the fact that parsing a specific incorrect...

CVSS 7.5, AI score 6.5, EPSS 0.00323
Exploits: 0, References: 2

Positive Technologies
added 2025/10/10 12:0 a.m., 7 views

PT-2025-41615

Name of the Vulnerable Software and Affected Versions: cel-rust versions 0.10.0 through 0.11.3. Description: cel-rust is a Common Expression Language interpreter written in Rust. Parsing specific, malformed Common Expression Language (CEL) expressions can cause the parser to terminate unexpectedly. If...

CVSS 7.5, AI score 6.6, EPSS 0.00323
Exploits: 0, References: 12

RedHat Linux
added 2025/10/09 5:21 p.m., 7 views

rexml: REXML: Denial of Service via inefficient regex parsing

A flaw was found in REXML. A remote attacker could exploit inefficient regular expression (regex) parsing when processing hex numeric character references (&#x...;) in XML documents. This could lead to a Regular Expression Denial of Service (ReDoS), impacting the availability of the affected component...

CVSS 7.5, AI score 7.3, EPSS 0.00468
Exploits: 0, References: 7

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2018-20752

Malware in sbrugna...

CVSS 7.2, AI score 7, EPSS 0.01226
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2020-28321

Malware in sbrugna...

CVSS 9, AI score 8.6, EPSS 0.03213
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2021-26289

Malware in sbrugna...

CVSS 6.5, AI score 6.4, EPSS 0.0142
Exploits: 0, References: 5

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2015-8273

Malware in sbrugna...

CVSS 9.8, AI score 8.5, EPSS 0.06404
Exploits: 0, References: 19

EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2020-28280

Malware in sbrugna...

CVSS 10, AI score 9.2, EPSS 0.06613
Exploits: 0, References: 2