Lucene search
K

29 matches found

Snyk
Snyk
added 2020/04/17 12:0 a.m.7 views

Malicious Package

Overview address-validator is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

8CVSS5.7AI score
Exploits0References2
OSV
OSV
added 2019/02/18 11:38 p.m.1 views

GHSA-XJ62-87PG-VCV3 Regular Expression Denial of Service in jshamcrest

The jshamcrest package is affected by a regular expression denial of service vulnerability when certain types of user input are passed in to the emailAddress validator. Proof of concept js var js = require'jshamcrest' var emailAddress = new js.JsHamcrest.Matchers.emailAddress; var genstr = functi...

7.5CVSS5.9AI score0.01093EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2019/02/01 12:0 a.m.5 views

PT-2019-8300 · Pylons · Pylons Colander

Name of the Vulnerable Software and Affected Versions: Pylons Colander versions prior to 1.7 Description: The issue allows an attacker to potentially cause a denial of service via an unclosed parenthesis in the URL validator, which can lead to an infinite loop. Recommendations: For versions prior...

8.7CVSS7.1AI score0.01762EPSS
Exploits1References15
Openbugbounty
Openbugbounty
added 2017/12/23 3:20 p.m.13 views

address-validator.net XSS vulnerability

Open Bug Bounty ID: OBB-457890 Description| Value ---|--- Affected Website:| address-validator.net Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/07/19 12:0 a.m.7 views

The vulnerability of the Apache Struts software platform, which allows a hacker to trigger a service failure

The vulnerability of the URLValidator class in the Apache Struts software framework exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to cause a service failure by using a null value in the URL field...

5CVSS6.2AI score0.10638EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2016/06/16 12:0 a.m.25 views

Apache Struts2 Remote Code Execution Vulnerability (CNVD-2016-04089)

Apache Struts is the United States Apache Apache Software Foundation is responsible for maintaining an open source project , is a set of open source MVC framework for creating enterprise-class Java Web applications , mainly provides two versions of the framework products , Struts 1 and Struts 2...

5.3CVSS9.1AI score0.10638EPSS
Exploits0References1
OSV
OSV
added 2015/07/14 5:59 p.m.2 views

DEBIAN-CVE-2015-5144

Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 uses an incorrect regular expression, which allows remote attackers to inject arbitrary headers and conduct HTTP response splitting attacks via a newline character in an 1 email message to the EmailValidator, a ...

4.3CVSS7.1AI score0.03665EPSS
Exploits0References1
PyPA
PyPA
added 2015/07/14 5:59 p.m.8 views

PYSEC-2015-10

Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 uses an incorrect regular expression, which allows remote attackers to inject arbitrary headers and conduct HTTP response splitting attacks via a newline character in an 1 email message to the EmailValidator, a ...

4.3CVSS7.1AI score0.03665EPSS
Exploits0References11Affected Software1
OSV
OSV
added 2015/07/14 5:59 p.m.4 views

PYSEC-2015-10

Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 uses an incorrect regular expression, which allows remote attackers to inject arbitrary headers and conduct HTTP response splitting attacks via a newline character in an 1 email message to the EmailValidator, a ...

4.3CVSS7.2AI score0.03665EPSS
Exploits0References11
Rows per page
Query Builder