CVE-2025-15506

A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects the function ConvertToRegularExpression of the file src/OpenColorIO/FileRules.cpp. Performing a manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has...

Memory Search

This module allows for searching the memory space of running processes for potentially sensitive data such as passwords. Module Options msf use post/multi/gather/memorysearch msf postmemorysearch show actions ...actions... msf postmemorysearch set ACTION msf postmemorysearch show options ...show...

CVE-2022-29169 ReDoS on endpoint html5client/useragent in BigBlueButton

BigBlueButton is an open source web conferencing system. Versions starting with 2.2 and prior to 2.3.19, 2.4.7, and 2.5.0-beta.2 are vulnerable to regular expression denial of service ReDoS attacks. By using specific a RegularExpression, an attacker can cause denial of service for the bbb-html5...

Ruby: ReDoS in Time.rfc2822

A regular expression denial of service ReDoS vulnerability was discovered in the Time.rfc2822 method in Ruby's time library. An attacker could exploit this vulnerability by providing a specially crafted input to the method, causing it to enter an infinite loop and consume excessive CPU resources...

GHSA-Q674-XM3X-2926 Uncontrolled Resource Consumption in parse-link-header

The package parse-link-header before 2.0.0 are vulnerable to Regular Expression Denial of Service ReDoS via the checkHeader function...

Regular Expression Denial Of Service (ReDoS)

path-parse is vulnerable to regular expression denial of service. An attacker is able to produce a denial of service condition in the application through worst-case time complexity via splitDeviceRe, splitTailRe and splitPathRe...