CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3332 matches found

EUVD•added 2025/10/30 2:20 p.m.•3 views

EUVD-2025-37005

Zohocorp ManageEngine Exchange Reporter Plus through 5721 are vulnerable to ReDOS vulnerability in the search module...

4.3CVSS6.4AI score0.00928EPSS

Exploits0References2

IBM Security Bulletins•added 2025/10/22 10:57 a.m.•8 views

Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in transformers-4.48.3-py3-none-any.whl

Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in transformers-4.48.3-py3-none-any.whl Vulnerability Details CVEID:CVE-2025-1194 DESCRIPTION: A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers...

6.5CVSS4.6AI score0.00388EPSS

Exploits1Affected Software1

OSV•added 2025/10/21 2:18 p.m.•6 views

CLSA-2025-1761056282 python3-setuptools: Fix of 2 CVEs

CVE-2022-40897: fix Regular Expression Denial of Service ReDoS in packageindex.py - CVE-2024-6345: fix remote code execution in packageindex module...

8.8CVSS7.4AI score0.02617EPSS

Exploits1References1

Vulnrichment•added 2025/10/16 8:40 a.m.•2 views

CVE-2025-61581 Apache Traffic Control: ReDoS issue in Traffic Router configuration

UNSUPPORTED WHEN ASSIGNED Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause...

6.5AI score0.00672EPSS

Exploits0References1

CVE•added 2025/10/16 8:40 a.m.•11 views

CVE-2025-61581

CVE-2025-61581 describes an Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control affecting all versions. The description states that users with access to the Traffic Router management interface could supply malicious patterns, potentially causing unavailability. The p...

7.5CVSS6.5AI score0.00672EPSS

Exploits0References2Affected Software1

Cvelist•added 2025/10/10 7:28 p.m.•6 views

CVE-2025-61921 Sinatra has ReDoS vulnerability in ETag header value generation

Sinatra is a domain-specific language for creating web applications in Ruby. In versions prior to 4.2.0, there is a denial of service vulnerability in the If-Match and If-None-Match header parsing component of Sinatra, if the etag method is used when constructing the response. Carefully crafted...

6.9CVSS0.00448EPSS

Exploits1References5

RubySec•added 2025/10/10 12:0 a.m.•7 views

Sinatra is vulnerable to ReDoS through ETag header value generation

Summary There is a denial of service vulnerability in the If-Match and If-None-Match header parsing component of Sinatra, if the etag method is used when constructing the response and you are using Ruby = 3.2...

7.5CVSS6.5AI score0.00448EPSS

Exploits1References1Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-0056

Malware in sbrugna...

7.5CVSS8.5AI score0.00718EPSS

Exploits1References10

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2021-1307

Malware in sbrugna...

5.3CVSS5.4AI score0.0165EPSS

Exploits0References5