32 matches found

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2021-0662

Malware in sbrugna...

CVSS 7.5 · AI score 7.6 · EPSS 0.01762
Exploits: 1 · References: 9

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2021-1326

Malware in sbrugna...

CVSS 7.4 · AI score 6.9 · EPSS 0.00373
Exploits: 0 · References: 8

Tenable Nessus
added 2025/08/18 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-23341

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package prismjs before 1.23.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel...

CVSS 7.5 · AI score 7.1 · EPSS 0.01762
Exploits: 1 · References: 2

Positive Technologies
added 2024/08/07 12:0 a.m. · 1 views

PT-2024-5514 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.6 through 17.0.5; GitLab CE/EE version 17.1 prior to 17.1.4; GitLab CE/EE version 17.2 prior to 17.2.2. Description: The issue is related to an uncontrolled resource consumption in GitLab, a software platform based on gi...

CVSS 6.8 · AI score 7 · EPSS 0.00062
Exploits: 0 · References: 13

Rockylinux
added 2022/05/17 6:27 a.m. · 9 views

new packages: asciidoc

An update is available for asciidoc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky Enterpris...

AI score 1.8
Exploits: 0

OSV
added 2022/04/01 12:15 a.m. · 1 views

UBUNTU-CVE-2022-24803

Asciidoctor-include-ext is Asciidoctor’s standard include processor reimplemented as an extension. Versions prior to 0.4.0, when used to render user-supplied input in AsciiDoc markup, may allow an attacker to execute arbitrary system commands on the host operating system. This attack is possible...

CVSS 10 · AI score 6 · EPSS 0.01055
Exploits: 1 · References: 7

Debian CVE
added 2022/03/31 11:30 p.m. · 30 views

CVE-2022-24803

Asciidoctor-include-ext is Asciidoctor’s standard include processor reimplemented as an extension. Versions prior to 0.4.0, when used to render user-supplied input in AsciiDoc markup, may allow an attacker to execute arbitrary system commands on the host operating system. This attack is possible...

CVSS 10 · AI score 9.7 · EPSS 0.01055
Exploits: 1

Cvelist
added 2022/03/31 11:30 p.m. · 14 views

CVE-2022-24803 Command Injection vulnerability in asciidoctor-include-ext

Asciidoctor-include-ext is Asciidoctor’s standard include processor reimplemented as an extension. Versions prior to 0.4.0, when used to render user-supplied input in AsciiDoc markup, may allow an attacker to execute arbitrary system commands on the host operating system. This attack is possible...

CVSS 10 · AI score 9.9 · EPSS 0.01055
Exploits: 1 · References: 3

RubySec
added 2022/03/31 12:0 a.m. · 17 views

Command Injection vulnerability in asciidoctor-include-ext

Impact: Applications using Asciidoctor Ruby with asciidoctor-include-ext prior to version 0.4.0, which render user-supplied input in AsciiDoc markup, may allow an attacker to execute arbitrary system commands on the host operating system. This attack is possible even when allow-uri-read is disable...

CVSS 10 · AI score 7.6 · EPSS 0.01055
Exploits: 1 · References: 1 · Affected Software: 1

OSV
added 2022/02/16 12:1 a.m. · 13 views

GHSA-64Q9-F38H-9MWX Protection Mechanism Failure in Jenkins Doktor Plugin

Jenkins Doktor Plugin 0.4.1 and earlier implements functionality that allows agent processes to render files on the controller as Markdown or Asciidoc, and error messages allow attackers able to control agent processes to determine whether a file with a given name exists...

CVSS 5.4 · AI score 5.7 · EPSS 0.00048
Exploits: 0 · References: 3

ATTACKERKB
added 2022/02/15 5:15 p.m. · 5 views

CVE-2022-25204

Jenkins Doktor Plugin 0.4.1 and earlier implements functionality that allows agent processes to render files on the controller as Markdown or Asciidoc, and error messages allow attackers able to control agent processes to determine whether a file with a given name exists...

CVSS 5.5 · AI score 6.1 · EPSS 0.00048
Exploits: 0 · References: 2

OSV
added 2022/02/15 5:15 p.m. · 1 views

CVE-2022-25204

Jenkins Doktor Plugin 0.4.1 and earlier implements functionality that allows agent processes to render files on the controller as Markdown or Asciidoc, and error messages allow attackers able to control agent processes to determine whether a file with a given name exists...

CVSS 5.4 · AI score 5.8
Exploits: 0 · References: 1

RedhatCVE
added 2021/07/08 9:35 a.m. · 74 views

CVE-2021-32723

A flaw was found in npm-prismjs. An attacker can craft a string that will take a very long time to highlight when used to work with untrusted text resulting in ReDoS. This can affect the system availability. There is no known risk of privilege escalation or data compromise. Mitigation: As a...

CVSS 7.4 · AI score 2.2 · EPSS 0.00373
Exploits: 0 · References: 4

OSV
added 2021/06/28 8:15 p.m. · 13 views

CVE-2021-32723

Prism is a syntax highlighting library. Some languages before 1.24.0 are vulnerable to Regular Expression Denial of Service (ReDoS). When Prism is used to highlight untrusted user-given text, an attacker can craft a string that will take a very very long time to highlight. This problem has been fix...

CVSS 6.5 · AI score 6.3
Exploits: 0 · References: 4

OSV
added 2021/06/28 8:15 p.m. · 0 views

UBUNTU-CVE-2021-32723

Prism is a syntax highlighting library. Some languages before 1.24.0 are vulnerable to Regular Expression Denial of Service (ReDoS). When Prism is used to highlight untrusted user-given text, an attacker can craft a string that will take a very very long time to highlight. This problem has been fix...

CVSS 7.4 · AI score 7.2 · EPSS 0.00373
Exploits: 0 · References: 5

Prion
added 2021/06/28 8:15 p.m. · 16 views

Design/Logic Flaw

Prism is a syntax highlighting library. Some languages before 1.24.0 are vulnerable to Regular Expression Denial of Service (ReDoS). When Prism is used to highlight untrusted user-given text, an attacker can craft a string that will take a very very long time to highlight. This problem has been fix...

CVSS 4.3 · AI score 6.5 · EPSS 0.00373
Exploits: 0 · References: 4 · Affected Software: 2

Cvelist
added 2021/06/28 7:15 p.m. · 20 views

CVE-2021-32723 Regular Expression Denial of Service (ReDoS) in Prism

Prism is a syntax highlighting library. Some languages before 1.24.0 are vulnerable to Regular Expression Denial of Service (ReDoS). When Prism is used to highlight untrusted user-given text, an attacker can craft a string that will take a very very long time to highlight. This problem has been fix...

CVSS 7.4 · AI score 7.7 · EPSS 0.00373
Exploits: 0 · References: 4

OSV
added 2021/06/28 6:33 p.m. · 26 views

GHSA-GJ77-59WH-66HG Regular Expression Denial of Service (ReDoS) in Prism

Some languages before 1.24.0 are vulnerable to Regular Expression Denial of Service (ReDoS). Impact: When Prism is used to highlight untrusted user-given text, an attacker can craft a string that will take a very very long time to highlight. Do not use the following languages to highlight untrusted...

CVSS 7.4 · AI score 6.6 · EPSS 0.00373
Exploits: 0 · References: 7

Github Security Blog
added 2021/06/28 6:33 p.m. · 52 views

Regular Expression Denial of Service (ReDoS) in Prism

Some languages before 1.24.0 are vulnerable to Regular Expression Denial of Service (ReDoS). Impact: When Prism is used to highlight untrusted user-given text, an attacker can craft a string that will take a very very long time to highlight. Do not use the following languages to highlight untrusted...

CVSS 7.4 · AI score 1.5 · EPSS 0.00373
Exploits: 0 · References: 7 · Affected Software: 1

Veracode
added 2021/02/19 2:11 a.m. · 15 views

Regular Expression Denial Of Service (ReDoS)

prismjs is vulnerable to Regular Expression Denial Of Service (ReDoS). An attacker is able to crash the system by submitting a malicious string via the prism-asciidoc, prism-rest, prism-tap, prism-batch and prism-eiffel components...

CVSS 7.5 · AI score 3.4 · EPSS 0.01762
Exploits: 1 · References: 4 · Affected Software: 3