CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

47 matches found

OSSF Malicious Packages•added 2024/09/25 1:57 a.m.•4 views

Malicious code in design-system-components-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa76659f890e0326b1b129f7cf3c39dd4b242fa297217ef6b98e4b34fa602ba2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References1

OSSF Malicious Packages•added 2024/09/18 6:26 p.m.•4 views

Malicious code in acronym-decoder-chrome-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1a3a001eb751394dba7b7d59d8580152ab849a2d8971aecc8c65f800c4276008 The OpenSSF Package Analysis project identified 'acronym-decoder-chrome-angular' @ 1.0.0 npm as malicious. It is considered malicious because: -...

6.9AI score

Exploits0

OSSF Malicious Packages•added 2024/06/25 12:19 p.m.•4 views

Malicious code in atlas-ng (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score

Exploits0

OSV•added 2024/02/10 5:15 a.m.•25 views

CVE-2024-21490

This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of servic...

7.5CVSS7.3AI score0.02307EPSS

Exploits1References6

NVD•added 2024/02/10 5:15 a.m.•19 views

CVE-2024-21490

7.5CVSS7.3AI score0.02307EPSS

Exploits1References6

Vulnrichment•added 2024/02/10 5:0 a.m.•15 views

CVE-2024-21490

7.5CVSS6.5AI score0.02307EPSS

Exploits1References4

Debian CVE•added 2024/02/10 5:0 a.m.•18 views

CVE-2024-21490

7.5CVSS6.8AI score0.02307EPSS

Exploits1

Cvelist•added 2024/02/10 5:0 a.m.•21 views

CVE-2024-21490

7.5CVSS7.5AI score0.02307EPSS

Exploits1References4

Snyk•added 2023/11/28 10:19 a.m.•6 views

Regular Expression Denial of Service (ReDoS)

Overview angular is a package that lets you write client-side web applications as if you had a smarter browser. It also lets you use HTML as your template language and lets you extend HTML’s syntax to express your application’s components clearly and succinctly. Affected versions of this package...

7.5CVSS6.6AI score0.02307EPSS

Exploits1References2

OSV•added 2023/03/30 5:15 a.m.•26 views

CVE-2023-26118

Versions of the package angular from 1.4.9 are vulnerable to Regular Expression Denial of Service ReDoS via the element due to the usage of an insecure regular expression in the inputurl functionality. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result ...

5.3CVSS5.5AI score

Exploits0References8

NVD•added 2023/03/30 5:15 a.m.•19 views

CVE-2023-26118

5.3CVSS5.4AI score0.0061EPSS

Exploits1References8

OSV•added 2023/03/30 5:15 a.m.•28 views

CVE-2023-26117

Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service ReDoS via the $resource service due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic...

5.3CVSS5.5AI score

Exploits0References8

NVD•added 2023/03/30 5:15 a.m.•18 views

CVE-2023-26117

5.3CVSS5.4AI score0.00318EPSS

Exploits1References8

UbuntuCve•added 2023/03/30 5:15 a.m.•29 views

CVE-2023-26116

Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service ReDoS via the angular.copy utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in...

5.3CVSS6.8AI score0.00318EPSS

Exploits1References4