MiracleLinux 7 : java-11-openjdk-11.0.7.10-4.el7 (AXSA:2020-011:04)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-011:04 advisory. OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803) OpenJDK: Incorrect type checks in MethodType.readObject (Libraries,...
Double Free
Overview: Affected versions of this package are vulnerable to Double Free in the Regexp compilation process. An attacker can execute arbitrary code or cause a denial of service by supplying a specially crafted regular expression source string. Remediation: A fix was pushed into the master branch bu...
MiracleLinux 7 : firefox-128.8.0-1.0.1.el7.AXS7 (AXSA:2025-9734:08)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9734:08 advisory. firefox: Use-after-free in WebTransportChild (CVE-2025-1931) firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process...
MiracleLinux 8 : firefox-128.8.0-1.el8_10.ML.1 (AXSA:2025-9730:07)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9730:07 advisory. firefox: Use-after-free in WebTransportChild (CVE-2025-1931) firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process...
CVE-2021-41959
JerryScript Git version 14ff5bf does not sufficiently track and release allocated memory via jerry-core/ecma/operations/ecma-regexp-object.c after RegExp, which causes a memory leak...
Atlassian Confluence < 8.5.17 / 8.6.x < 9.2.6 / 9.3.1 < 9.4.0 / 9.5.x < 9.5.1 / 10.0.x < 10.0.2 (CONFSERVER-101480)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101480 advisory. - path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be...
PT-2026-28674
Name of the Vulnerable Software and Affected Versions: path-to-regexp versions prior to 8.4.0. Description: The software is susceptible to a Regular Expression Denial of Service (ReDoS) condition when handling multiple wildcard characters combined with at least one parameter. This issue arises because...
PT-2026-28675
Name of the Vulnerable Software and Affected Versions: path-to-regexp versions prior to 8.4.0. Description: A flawed regular expression is created when multiple sequential optional groups using curly brace syntax are present, such as {a}{b}{c}:z. The resulting regular expression expands exponentially with...
PT-2026-28656
Name of the Vulnerable Software and Affected Versions: path-to-regexp versions prior to 0.1.13. Description: A flawed regular expression is generated when three or more parameters are present within a single segment, separated by characters other than a period (.). For example, /:a-:b-:c or...
OSV-2025-1039 UNKNOWN WRITE in fuzz_regexp
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=471926738 Crash type: UNKNOWN WRITE Crash state: fuzz_regexp...
OSV-2025-1018 Stack-buffer-overflow in lre_exec
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=471304472 Crash type: Stack-buffer-overflow READ 8 Crash state: lre_exec fuzz_regexp.c...
DoS (Denial of Service) path-to-regexp Dependency in Jira Service Management Data Center and Server
This High severity DoS (Denial of Service) vulnerability was introduced in versions 10.2.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Service Management Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...
Security Bulletin: Multiple vulnerabilities in IBM Controller
Summary: Multiple vulnerabilities were addressed in IBM Controller 11.1.2. Vulnerability Details: CVEID: CVE-2024-52798 DESCRIPTION: path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor...
Security Bulletin: IBM Watson Studio for IBM Cloud Pak for Data is affected by vulnerability in path-to-regexp
Summary: IBM Watson Studio for IBM Cloud Pak for Data contains a vulnerable version of path-to-regexp. Vulnerability Details: CVEID: CVE-2024-52798 DESCRIPTION: path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be...
CVE-2025-62495 Type confusion in string addition in QuickJS
An integer overflow vulnerability exists in the QuickJS regular expression engine libregexp due to an inconsistent representation of the bytecode buffer size. The regular expression bytecode is stored in a DynBuf structure, which correctly uses a size_t, an unsigned type, typically...
EUVD-2020-16054
Malware in sbrugna...
EUVD-2018-0621
Malware in sbrugna...
EUVD-2015-8262
Malware in sbrugna...
EUVD-2017-18371
Malware in sbrugna...
EUVD-2018-3450
Malware in sbrugna...