1145 matches found

NVD
added 2022/07/13 9:15 a.m. · 14 views

CVE-2019-10761

This affects the package vm2 before 3.6.11. It is possible to trigger a RangeError exception from the host rather than the "sandboxed" context by reaching the stack call limit with an infinite recursion. The returned object is then used to reference the mainModule property of the host code runnin...

CVSS 8.3 · EPSS 0.00974
Exploits: 1 · References: 3
Prion
added 2022/07/13 9:15 a.m. · 20 views

Code injection

This affects the package vm2 before 3.6.11. It is possible to trigger a RangeError exception from the host rather than the "sandboxed" context by reaching the stack call limit with an infinite recursion. The returned object is then used to reference the mainModule property of the host code runnin...

CVSS 7.5 · AI score 8.4 · EPSS 0.00974
Exploits: 1 · References: 3 · Affected Software: 1
Cvelist
added 2022/07/13 8:20 a.m. · 22 views

CVE-2019-10761 Sandbox Bypass

This affects the package vm2 before 3.6.11. It is possible to trigger a RangeError exception from the host rather than the "sandboxed" context by reaching the stack call limit with an infinite recursion. The returned object is then used to reference the mainModule property of the host code runnin...

CVSS 8.3 · AI score 8.5 · EPSS 0.00974
Exploits: 1 · References: 3
CNNVD
added 2022/07/13 12:0 a.m. · 18 views

vm2 Security Vulnerability

vm2 is an advanced virtual machine/sandbox for Node.js by individual developer Patrik Simek in the Czech Republic, used to run untrusted code using whitelisted Node built-in modules. A security vulnerability exists in vm2 prior to 3.6.11, which stems from reaching the stack call limit via infinite...

CVSS 8.3 · AI score 8.1 · EPSS 0.00974
Exploits: 1 · References: 4
CNVD
added 2022/06/30 12:0 a.m. · 23 views

Matrix Synapse Denial of Service Vulnerability (CNVD-2022-60674)

Matrix Synapse is a Matrix Management Server implementation from the Matrix Foundation in the U.K. A denial of service vulnerability exists in versions of Matrix Synapse prior to 1.61.1, which stems from infinite recursion, where URL previews of certain web pages may exhaust the available stack...

CVSS 6.5 · AI score 4.1 · EPSS 0.01578
Exploits: 0 · References: 1
CNNVD
added 2022/06/28 12:0 a.m. · 3 views

Matrix Synapse Security Vulnerability

Matrix Synapse is a Matrix Management Server implementation from the Matrix Foundation in the U.K. A denial of service vulnerability exists in versions of Matrix Synapse prior to 1.61.1, which stems from infinite recursion, where URL previews of certain web pages may exhaust the available stack...

CVSS 6.5 · AI score 5.7 · EPSS 0.01578
Exploits: 0 · References: 7
OSV
added 2022/05/24 1:14 p.m. · 4 views

SUSE-SU-2022:1833-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2022-29824: Fixed integer overflow leading to out-of-bounds write in buf.c and tree.c (bsc#1199132). - CVE-2017-16932: Prevent infinite recursion in parameter entities (bsc#1069689)...

CVSS 7.5 · AI score 6.5 · EPSS 0.05928
Exploits: 5 · References: 5
CNNVD
added 2022/05/18 12:0 a.m. · 3 views

Artifex Software Artifex MuJS Security Vulnerability

Artifex Software Artifex MuJS is a lightweight JavaScript interpreter from Artifex Software, Inc. that is embedded into other software to provide script execution functionality. Artifex Software Artifex MuJS version 1.2.0 and earlier versions are vulnerable to a denial of service vulnerability,...

CVSS 5.5 · AI score 5.7 · EPSS 0.01083
Exploits: 1 · References: 7
OpenVAS
added 2022/04/21 12:0 a.m. · 13 views

Slackware: Security Advisory (SSA:2013-287-01)

The remote host is missing an update for the...

CVSS 5 · AI score 8.8 · EPSS 0.0503
Exploits: 0 · References: 2
OSV
added 2022/04/18 7:42 a.m. · 8 views

MGASA-2022-0145 Updated mediawiki packages fix security vulnerability

Title::newMainPage goes into an infinite recursion loop if it points to a local interwiki (CVE-2022-28201). Messages widthheight/widthheightpage/nbytes not escaped when used in galleries or Special:RevisionDelete (CVE-2022-28202). Requesting Special:NewFiles on a wiki with many file uploads with acto...

CVSS 7.5 · AI score 5.8 · EPSS 0.01152
Exploits: 3 · References: 3
Positive Technologies
added 2022/04/18 12:0 a.m. · 2 views

PT-2022-18870 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.35.6; MediaWiki versions 1.36.x prior to 1.36.4; MediaWiki versions 1.37.x prior to 1.37.2. Description: An issue was discovered in MediaWiki where users with the editinterface permission can trigger infinite...

CVSS 9.8 · AI score 5.8 · EPSS 0.0182
Exploits: 6 · References: 56
Tenable Nessus
added 2022/04/09 12:0 a.m. · 59 views

Debian DLA-2972-1 : libxml2 - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2972 advisory. Five security issues have been discovered in libxml2: XML C parser and toolkit. CVE-2016-9318 Vulnerable versions do not offer a flag directly indicating that the...

CVSS 8.8 · AI score 7.3 · EPSS 0.0601
Exploits: 1 · References: 13
CNNVD
added 2022/04/05 12:0 a.m. · 3 views

JerryScript Buffer Error Vulnerability

JerryScript is a lightweight JavaScript engine from the Jerryscript project. A security vulnerability exists in JerryScript that stems from an infinite recursive call to the new opt function...

CVSS 9.8 · AI score 8.2 · EPSS 0.01195
Exploits: 1 · References: 3
Snyk
added 2022/03/30 12:57 p.m. · 2 views

Buffer Overflow

Overview: Affected versions of this package are vulnerable to Buffer Overflow due to infinite recursion issues in src/dfa/deadrules.cc. Remediation: Upgrade re2c to version 3.0 or higher. References: GitHub Commit, GitHub Commit, GitHub Issue...

CVSS 9.8 · AI score 7.1 · EPSS 0.01563
Exploits: 1 · References: 3
OSV
added 2022/03/29 12:15 p.m. · 1 view

DEBIAN-CVE-2022-23901

A stack overflow in re2c 2.2 exists due to infinite recursion issues in src/dfa/deadrules.cc...

CVSS 9.8 · AI score 8.5 · EPSS 0.01563
Exploits: 1 · References: 1
NVD
added 2022/03/29 12:15 p.m. · 10 views

CVE-2022-23901

A stack overflow in re2c 2.2 exists due to infinite recursion issues in src/dfa/deadrules.cc...

CVSS 9.8 · EPSS 0.01563
Exploits: 1 · References: 1
ATTACKERKB
added 2022/03/29 12:15 p.m. · 5 views

CVE-2022-23901

A stack overflow in re2c 2.2 exists due to infinite recursion issues in src/dfa/deadrules.cc...

CVSS 9.8 · AI score 7.3 · EPSS 0.01563
Exploits: 1 · References: 2
OSV
added 2022/03/29 12:15 p.m. · 10 views

CVE-2022-23901

A stack overflow in re2c 2.2 exists due to infinite recursion issues in src/dfa/deadrules.cc...

CVSS 9.8 · AI score 7.1
Exploits: 0 · References: 1
OSV
added 2022/03/29 12:15 p.m. · 6 views

AZL-43948 CVE-2022-23901 affecting package re2c 2.0-1

A stack overflow in re2c 2.2 exists due to infinite recursion issues in src/dfa/deadrules.cc...

CVSS 9.8 · AI score 7.4 · EPSS 0.01563
Exploits: 1 · References: 1
OSV
added 2022/03/29 12:15 p.m. · 6 views

AZL-45369 CVE-2022-23901 affecting package re2c for versions less than 3.1-4

A stack overflow in re2c 2.2 exists due to infinite recursion issues in src/dfa/deadrules.cc...

CVSS 9.8 · AI score 7.4 · EPSS 0.01563
Exploits: 1 · References: 1