Lucene search
K

8483 matches found

Cvelist
Cvelist
added 2026/03/10 12:19 a.m.31 views

CVE-2026-27689 Denial of service (DOS) in SAP Supply Chain Management

Due to an uncontrolled resource consumption Denial of Service vulnerability, an authenticated attacker with regular user privileges and network access can repeatedly invoke a remote-enabled function module with an excessively large loop-control parameter. This triggers prolonged loop execution th...

7.7CVSS0.00368EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.6 views

elysia 安全漏洞

Elysia is an open-source framework developed by Elysia. Versions of Elysia prior to 1.4.26 contained security vulnerabilities. These vulnerabilities were caused by defects in the regular expressions used in the t.String format for handling URLs, which could lead to denial-of-service attacks due t...

7.5CVSS5.8AI score0.00494EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.7 views

Parse Server 安全漏洞

Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that runs Node.js. There were security vulnerabilities in versions of Parse Server prior to 9.5.0-alpha.14 and 8.6.11. These vulnerabilities stemmed from malicious clients being able t...

8.2CVSS5.8AI score0.00446EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/09 11:1 p.m.32 views

CVE-2026-30925 Parse Server affected by Regular Expression Denial of Service (ReDoS) via `$regex` query in LiveQuery

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.0-alpha.14 and 8.6.11, a malicious client can subscribe to a LiveQuery with a crafted $regex pattern that causes catastrophic backtracking, blocking the Node.js event loop. This...

8.2CVSS0.00446EPSS
Exploits0References3
CVE
CVE
added 2026/03/09 11:1 p.m.13 views

CVE-2026-30925

CVE-2026-30925 affects Parse Server with LiveQuery enabled. A crafted $regex subscription can cause catastrophic backtracking in JavaScript regex evaluation on the Node.js event loop, blocking the server and making the entire deployment unresponsive. This impacts all clients for affected deployme...

8.2CVSS5.8AI score0.00446EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/09 11:1 p.m.3 views

CVE-2026-30925 Parse Server affected by Regular Expression Denial of Service (ReDoS) via `$regex` query in LiveQuery

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.0-alpha.14 and 8.6.11, a malicious client can subscribe to a LiveQuery with a crafted $regex pattern that causes catastrophic backtracking, blocking the Node.js event loop. This...

8.2CVSS5.8AI score0.00446EPSS
Exploits0References3
OSV
OSV
added 2026/03/09 11:1 p.m.6 views

CVE-2026-30925 Parse Server affected by Regular Expression Denial of Service (ReDoS) via `$regex` query in LiveQuery

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.0-alpha.14 and 8.6.11, a malicious client can subscribe to a LiveQuery with a crafted $regex pattern that causes catastrophic backtracking, blocking the Node.js event loop. This...

8.2CVSS5.8AI score0.00446EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/09 9:31 p.m.5 views

EUVD-2025-208447

An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...

5.8AI score0.00339EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/09 8:55 p.m.6 views

EUVD-2026-10358

Budibase is a low code platform for creating internal tools, workflows, and admin panels. In 3.31.4 and earlier, the Budibase server's authorized middleware that protects every server-side API endpoint can be completely bypassed by appending a webhook path pattern to the query string of any...

9.1CVSS5.8AI score0.15339EPSS
Exploits2References1
NVD
NVD
added 2026/03/09 8:16 p.m.3 views

CVE-2025-70030

An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...

7.5CVSS0.00339EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/09 7:1 p.m.5 views

CVE-2025-70034

A flaw was found in ssh2. This vulnerability, categorized as CWE-1333 Inefficient Regular Expression Complexity, allows a remote attacker to cause a Denial of Service DoS by sending specially crafted input that triggers inefficient processing of regular expressions. This can lead to the affected...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References6
EUVD
EUVD
added 2026/03/09 6:31 p.m.5 views

EUVD-2025-208436

An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in mscdex ssh2 v1.17.0...

5.8AI score0.00339EPSS
Exploits0References4
OSV
OSV
added 2026/03/09 6:16 p.m.6 views

CVE-2025-70034

An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in mscdex ssh2 v1.17.0...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References3
NVD
NVD
added 2026/03/09 6:16 p.m.7 views

CVE-2025-70034

An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in mscdex ssh2 v1.17.0...

7.5CVSS0.00339EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/09 12:0 a.m.6 views

PT-2026-24085

An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in mscdex ssh2 v1.17.0...

5.8AI score0.00339EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/09 12:0 a.m.4 views

sunbird-portal 安全漏洞

sunbird-portal is an open-source portal developed by Sunbird-ED. Version 1.13.4 of sunbird-portal contains a security vulnerability, which stems from the inefficiency of regular expressions, potentially leading to regular expression denial-of-service attacks...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/09 12:0 a.m.1 views

CVE-2025-70034

An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in mscdex ssh2 v1.17.0...

5.8AI score0.00339EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/09 12:0 a.m.25 views

CVE-2025-70030

An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...

0.00339EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/09 12:0 a.m.1 views

CVE-2025-70030

An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...

5.8AI score0.00339EPSS
Exploits0References4
CVE
CVE
added 2026/03/09 12:0 a.m.18 views

CVE-2025-70034

The CVE-2025-70034 issue affects mscdex ssh2 (v1.17.0). Root cause: CWE-1333 (Inefficient Regular Expression Complexity) that can cause a Denial of Service by specially crafted input, leading to unresponsiveness in the affected component. Documented impact is remote DoS with network access; no ex...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder