67 matches found

UbuntuCve
added 2023/08/22 7:16 p.m. · 21 views

CVE-2021-40262

A stack exhaustion issue was discovered in FreeImage before 1.18.0 via the Validate function in PluginRAW.cpp...

CVSS 6.5 · AI score 6.6 · EPSS 0.00611
Exploits: 1 · References: 2
Prion
added 2023/08/22 7:16 p.m. · 18 views

Stack overflow

A stack exhaustion issue was discovered in FreeImage before 1.18.0 via the Validate function in PluginRAW.cpp...

CVSS 4.3 · AI score 6.4 · EPSS 0.00611
Exploits: 1 · References: 1 · Affected Software: 1
Vulnrichment
added 2023/08/22 12:0 a.m. · 11 views

CVE-2021-40262

A stack exhaustion issue was discovered in FreeImage before 1.18.0 via the Validate function in PluginRAW.cpp...

AI score 6.8 · EPSS 0.00611
Exploits: 1 · References: 1
Cvelist
added 2023/08/22 12:0 a.m. · 22 views

CVE-2021-40262

A stack exhaustion issue was discovered in FreeImage before 1.18.0 via the Validate function in PluginRAW.cpp...

AI score 6.6 · EPSS 0.00611
Exploits: 1 · References: 1
CNNVD
added 2023/07/01 12:0 a.m. · 2 views

WordPress Plugin Remove Schema Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

CVSS 4.3 · AI score 5 · EPSS 0.0033
Exploits: 0 · References: 11
Positive Technologies
added 2023/07/01 12:0 a.m. · 2 views

PT-2023-12515 · WordPress · Remove Schema Plugin

Name of the Vulnerable Software and Affected Versions: Remove Schema plugin for WordPress versions up to, and including, 1.5 Description: The issue is due to missing or incorrect nonce validation on the validate function, making it possible for unauthenticated attackers to modify the plugin's...

CVSS 4.3 · AI score 4.5 · EPSS 0.0033
Exploits: 0 · References: 12
Veracode
added 2023/06/07 2:49 a.m. · 18 views

Signature Verification Bypass

github.com/moov-io/signedxml is vulnerable to Signature Verification Bypass. The vulnerability exists because parsing the raw XML as received can result in different output than parsing the canonicalized XML in the Validate function of validator.go, which allows an attacker to bypass signature...

CVSS 9.1 · AI score 6.9 · EPSS 0.00389
Exploits: 0 · References: 3 · Affected Software: 1
OSV
added 2023/04/03 5:15 a.m. · 6 views

CVE-2023-26112

All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using .+?.. Note: This is only exploitable in the case of a developer, putting the offending value in a server side configuration file...

CVSS 5.9 · AI score 5.5
Exploits: 0 · References: 5
NVD
added 2023/04/03 5:15 a.m. · 15 views

CVE-2023-26112

All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using .+?.. Note: This is only exploitable in the case of a developer, putting the offending value in a server side configuration file...

CVSS 5.9 · AI score 4.7 · EPSS 0.01259
Exploits: 1 · References: 5
UbuntuCve
added 2023/04/03 5:15 a.m. · 27 views

CVE-2023-26112

All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using .+?.. Note: This is only exploitable in the case of a developer, putting the offending value in a server side configuration file...

CVSS 5.9 · AI score 6.5 · EPSS 0.01259
Exploits: 1 · References: 4
OSV
added 2023/04/03 5:15 a.m. · 0 views

UBUNTU-CVE-2023-26112

All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using .+?.. Note: This is only exploitable in the case of a developer, putting the offending value in a server side configuration file...

CVSS 5.9 · AI score 6.4 · EPSS 0.01259
Exploits: 1 · References: 5
Debian CVE
added 2023/04/03 5:0 a.m. · 23 views

CVE-2023-26112

All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using .+?.. Note: This is only exploitable in the case of a developer, putting the offending value in a server side configuration file...

CVSS 5.9 · AI score 5.7 · EPSS 0.01259
Exploits: 1
Positive Technologies
added 2023/04/03 12:0 a.m. · 3 views

PT-2023-9395 · Configobj +5 · Configobj +5

Name of the Vulnerable Software and Affected Versions: configobj versions all versions Description: The issue is related to the use of a regular expression with inefficient computational complexity in the configobj package. This can be exploited to cause a denial of service. The validate function...

CVSS 5.9 · AI score 6.5 · EPSS 0.01259
Exploits: 1 · References: 42
FreeBSD
added 2023/04/03 12:0 a.m. · 24 views

py39-configobj -- vulnerable to Regular Expression Denial of Service

DarkTinia reports: All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using .+?.. Note: This is only exploitable in the case of a developer, putting the offending value in a server side configuration file...

CVSS 5.9 · AI score 5.9 · EPSS 0.01259
Exploits: 1 · References: 1
FreeBSD
added 2023/04/03 12:0 a.m. · 15 views

Configobj -- Regular Expression Denial of Service attack

[email protected] reports: All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using .+?.. Note: This is only exploitable in the case of a developer putting the offending value in a server side configuration file...

CVSS 5.9 · AI score 6.8 · EPSS 0.01259
Exploits: 1 · References: 1
NVD
added 2023/03/27 2:15 p.m. · 10 views

CVE-2022-47924

A high privileged attacker may pass crafted arguments to the validate function of csaf-validator-lib of a locally installed Secvisogram in versions 0.1.0 which can result in arbitrary code execution and DoS once the user triggers the validation...

CVSS 6.5 · AI score 6.6 · EPSS 0.00261
Exploits: 0 · References: 1
SUSE CVE
added 2023/02/15 3:24 a.m. · 2 views

SUSE CVE-2022-36087

OAuthLib is an implementation of the OAuth request-signing logic for Python 3.6+. In OAuthLib versions 3.1.1 until 3.2.1, an attacker providing malicious redirect uri can cause denial of service. An attacker can also leverage usage of uri_validate functions depending where it is used. OAuthLib...

CVSS 7.5 · AI score 9.4 · EPSS 0.01223
Exploits: 1 · References: 4
Veracode
added 2022/04/25 5:22 a.m. · 9 views

Cross-site Scripting (XSS)

xml2rfc is vulnerable to cross-site scripting. The vulnerability exists in the validate function in base.py due to lack of input validation which allows an attacker to inject and craft svg images embedded with malicious scripts...

AI score 2.7
Exploits: 0
Veracode
added 2021/02/15 10:48 a.m. · 16 views

Lightweight Directory Access Protocol (LDAP) Injection

is-user-valid is vulnerable to Lightweight Directory Access Protocol (LDAP) Injection. The vulnerability exists due to an unsanitized validate function when authenticating the email in the getEmail function...

CVSS 7.5 · AI score 2.4 · EPSS 0.01419
Exploits: 1 · References: 2 · Affected Software: 1
Prion
added 2020/01/22 2:15 p.m. · 15 views

Code injection

In schema-inspector before 1.6.9, a maliciously crafted JavaScript object can bypass the sanitize and the validate function used within schema-inspector...

CVSS 7.5 · AI score 9.4 · EPSS 0.01392
Exploits: 0 · References: 2 · Affected Software: 1