8483 matches found
CVE-2026-27689 Denial of service (DOS) in SAP Supply Chain Management
Due to an uncontrolled resource consumption Denial of Service vulnerability, an authenticated attacker with regular user privileges and network access can repeatedly invoke a remote-enabled function module with an excessively large loop-control parameter. This triggers prolonged loop execution th...
elysia 安全漏洞
Elysia is an open-source framework developed by Elysia. Versions of Elysia prior to 1.4.26 contained security vulnerabilities. These vulnerabilities were caused by defects in the regular expressions used in the t.String format for handling URLs, which could lead to denial-of-service attacks due t...
Parse Server 安全漏洞
Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that runs Node.js. There were security vulnerabilities in versions of Parse Server prior to 9.5.0-alpha.14 and 8.6.11. These vulnerabilities stemmed from malicious clients being able t...
CVE-2026-30925 Parse Server affected by Regular Expression Denial of Service (ReDoS) via `$regex` query in LiveQuery
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.0-alpha.14 and 8.6.11, a malicious client can subscribe to a LiveQuery with a crafted $regex pattern that causes catastrophic backtracking, blocking the Node.js event loop. This...
CVE-2026-30925
CVE-2026-30925 affects Parse Server with LiveQuery enabled. A crafted $regex subscription can cause catastrophic backtracking in JavaScript regex evaluation on the Node.js event loop, blocking the server and making the entire deployment unresponsive. This impacts all clients for affected deployme...
CVE-2026-30925 Parse Server affected by Regular Expression Denial of Service (ReDoS) via `$regex` query in LiveQuery
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.0-alpha.14 and 8.6.11, a malicious client can subscribe to a LiveQuery with a crafted $regex pattern that causes catastrophic backtracking, blocking the Node.js event loop. This...
CVE-2026-30925 Parse Server affected by Regular Expression Denial of Service (ReDoS) via `$regex` query in LiveQuery
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.0-alpha.14 and 8.6.11, a malicious client can subscribe to a LiveQuery with a crafted $regex pattern that causes catastrophic backtracking, blocking the Node.js event loop. This...
EUVD-2025-208447
An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...
EUVD-2026-10358
Budibase is a low code platform for creating internal tools, workflows, and admin panels. In 3.31.4 and earlier, the Budibase server's authorized middleware that protects every server-side API endpoint can be completely bypassed by appending a webhook path pattern to the query string of any...
CVE-2025-70030
An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...
CVE-2025-70034
A flaw was found in ssh2. This vulnerability, categorized as CWE-1333 Inefficient Regular Expression Complexity, allows a remote attacker to cause a Denial of Service DoS by sending specially crafted input that triggers inefficient processing of regular expressions. This can lead to the affected...
EUVD-2025-208436
An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in mscdex ssh2 v1.17.0...
CVE-2025-70034
An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in mscdex ssh2 v1.17.0...
CVE-2025-70034
An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in mscdex ssh2 v1.17.0...
PT-2026-24085
An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in mscdex ssh2 v1.17.0...
sunbird-portal 安全漏洞
sunbird-portal is an open-source portal developed by Sunbird-ED. Version 1.13.4 of sunbird-portal contains a security vulnerability, which stems from the inefficiency of regular expressions, potentially leading to regular expression denial-of-service attacks...
CVE-2025-70034
An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in mscdex ssh2 v1.17.0...
CVE-2025-70030
An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...
CVE-2025-70030
An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...
CVE-2025-70034
The CVE-2025-70034 issue affects mscdex ssh2 (v1.17.0). Root cause: CWE-1333 (Inefficient Regular Expression Complexity) that can cause a Denial of Service by specially crafted input, leading to unresponsiveness in the affected component. Documented impact is remote DoS with network access; no ex...