MiracleLinux 8 : nodejs:16 (AXSA:2022-3844:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3844:01 advisory. nodejs-ansi-regex: Regular expression denial of service ReDoS matching ANSI escape codes CVE-2021-3807 nodejs: DNS rebinding in --inspect via invali...

ROS-20260120-7322

A vulnerability in the tracing component of the eventtriggerwrite function of the Linux kernel is related to insufficient regular expression handling. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

MiracleLinux 8 : python3-3.6.8-31.el8 (AXSA:2021-1204:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1204:01 advisory. python: XSS vulnerability in the documentation XML-RPC server in servertitle field CVE-2019-16935 python: infinite loop in the tarfile module via...

MiracleLinux 9 : python-setuptools-53.0.0-10.el9.1 (AXSA:2023-5193:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5193:02 advisory. pypa-setuptools: Regular Expression Denial of Service ReDoS in packageindex.py CVE-2022-40897 Tenable has extracted the preceding description block directly...

MiracleLinux 9 : python3.12-3.12.1-4.el9_4.4 (AXSA:2024-8949:08)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8949:08 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block...

MiracleLinux 8 : perl-5.26.3-417.el8 (AXSA:2021-1498:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1498:06 advisory. perl: corruption of intermediate language state of compiled regular expression due to recursive Sstudychunk calls leads to DoS CVE-2020-12723 Tenable has...

MiracleLinux 8 : python36:3.6 (AXSA:2021-2854:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2854:01 advisory. python-pygments: Infinite loop in SML lexer may lead to DoS CVE-2021-20270 python-pygments: ReDoS in multiple lexers CVE-2021-27291 Tenable has...

Atlassian Confluence 9.0.1 < 9.2.1 / 9.3.x < 9.4.0 / 9.5.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101575)

The version of Atlassian Confluence Server running on the remote host is affected by a denial of service vulnerability as referenced in the CONFSERVER-101575 advisory. - A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack...

MiracleLinux 8 : grafana-7.5.15-4.el8.ML.1 (AXSA:2023-6073:05)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6073:05 advisory. golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters CVE-2022-2880 golang: net/http: handle server errors after...

Atlassian Confluence 9.0.1 < 9.2.1 / 9.3.x < 9.4.0 / 9.5.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101573)

The version of Atlassian Confluence Server running on the remote host is affected by a denial of service vulnerability as referenced in the CONFSERVER-101573 advisory. - A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack...

CVE-2026-23829 Mailpit has SMTP Header Injection via Regex Bypass

Mailpit is an email testing tool and API for developers. Prior to version 1.28.3, Mailpit's SMTP server is vulnerable to Header Injection due to an insufficient Regular Expression used to validate RCPT TO and MAIL FROM addresses. An attacker can inject arbitrary SMTP headers or corrupt existing...

MiracleLinux 3 : glibc-2.5-107.4.0.1.AXS3 (AXSA:2013-422:02)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-422:02 advisory. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as t...

MiracleLinux 7 : pcre-8.32-15.el7.1 (AXSA:2016-391:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-391:01 advisory. Perl-compatible regular expression library. PCRE has its own native API, but a set of wrapper functions that are based on the POSIX API are also...

CVE-2026-22809

tarteaucitron.js is a compliant and accessible cookie banner. Prior to 1.29.0, a Regular Expression Denial of Service ReDoS vulnerability was identified in tarteaucitron.js in the handling of the issuuid parameter. This vulnerability is fixed in 1.29.0...

📄 n8n Workflow Expression Remote Code Execution

This Metasploit module exploits a critical remote code execution vulnerability CVE-2025-68613 in the n8n workflow automation platform. The vulnerability exists in the workflow expression evaluation system where user-supplied expressions enclosed in are evaluated in an execution context that is no...

MiracleLinux 3 : perl-5.8.8-10.3.1AXS3 (AXSA:2008-74:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2008-74:01 advisory. Perl is a high-level programming language commonly used for system administration utilities and Web programming. A flaw was found in Perl's regular expression...

Double Free

Overview Affected versions of this package are vulnerable to Double Free in the Regexp compilation process. An attacker can execute arbitrary code or cause a denial of service by supplying a specially crafted regular expression source string. Remediation A fix was pushed into the master branch bu...

Regular Expression Denial of Service (ReDoS)

Overview tarteaucitronjs is a package that provides compliance to the European cookie law. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the issuuid parameter hangling. An attacker can cause excessive CPU consumption and degrade service...

GHSA-Q5F6-QXM2-MCQM tarteaucitron.js has Regular Expression Denial of Service (ReDoS) vulnerability

Summary A potential Regular Expression Denial of Service ReDoS vulnerability was identified in tarteaucitron.js in the handling of the issuuid parameter. Details The issue was caused by the use of insufficiently constrained regular expressions applied to attacker-controlled input: if...

tarteaucitron.js has Regular Expression Denial of Service (ReDoS) vulnerability

Summary A potential Regular Expression Denial of Service ReDoS vulnerability was identified in tarteaucitron.js in the handling of the issuuid parameter. Details The issue was caused by the use of insufficiently constrained regular expressions applied to attacker-controlled input: if...