CVE-2025-2134 IBM Jazz Reporting Service Denial of Service

IBM Jazz Reporting Service could allow an authenticated user on the network to affect the system's performance using complicated queries due to insufficient resource pooling...

CVE-2025-2134

IBM Jazz Reporting Service could allow an authenticated user on the network to affect the system's performance using complicated queries due to insufficient resource pooling...

PT-2026-5893

Name of the Vulnerable Software and Affected Versions IBM Jazz Reporting Service affected versions not specified Description An authenticated user on the network may impact system performance by submitting complex queries because of inadequate resource pooling. Recommendations At the moment, ther...

Denial Of Service (DoS)

Vault is vulnerable to Denial Of Service DoS. The vulnerability is due to improper handling of complex JSON payloads caused by a regression that processes JSON requests before applying rate limits, which allows an attacker to exhaust resources and cause a denial of service...

[SECURITY] Fedora 43 Update: perl-HarfBuzz-Shaper-0.033-2.fc43

HarfBuzz::Shaper is a perl module that provides access to a small subset of the native HarfBuzz library. The subset is suitable for typesetting programs that need to deal with complex languages like Devanagari. This module is intended to be used with module L...

OSV-2026-87 Security exception in org.apache.poi.util.IOUtils.safelyAllocate

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476184826 Crash type: Security exception Crash state: org.apache.poi.util.IOUtils.safelyAllocate org.apache.poi.ddf.EscherComplexProperty.ensureComplexData org.apache.poi.ddf.EscherComplexProperty.getComplexData...

CVE-2023-40707

There are no requirements for setting a complex password in the built-in web server of the SNAP PAC S1 Firmware version R10.3b, which could allow for a successful brute force attack if users don't set up complex credentials...

Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing

Threat actors engaging in phishing attacks are exploiting routing scenarios and misconfigured spoof protections to impersonate organizations' domains and distribute emails that appear as if they have been sent internally. "Threat actors have leveraged this vector to deliver a wide variety of...

CVE-2021-47743

COMMAX Biometric Access Control System 1.0.0 contains an unauthenticated reflected cross-site scripting vulnerability in cookie parameters 'CMXADMINNM' and 'CMXCOMPLEXNM'. Attackers can inject malicious HTML and JavaScript code into these cookie values to execute arbitrary scripts in a victim's...

CVE-2021-47743 COMMAX Biometric Access Control System 1.0.0 Reflected XSS via Cookie Parameters

COMMAX Biometric Access Control System 1.0.0 contains an unauthenticated reflected cross-site scripting vulnerability in cookie parameters 'CMXADMINNM' and 'CMXCOMPLEXNM'. Attackers can inject malicious HTML and JavaScript code into these cookie values to execute arbitrary scripts in a victim's...

PT-2025-54424

COMMAX Biometric Access Control System 1.0.0 contains an unauthenticated reflected cross-site scripting vulnerability in cookie parameters 'CMX ADMIN NM' and 'CMX COMPLEX NM'. Attackers can inject malicious HTML and JavaScript code into these cookie values to execute arbitrary scripts in a victim...

CVE-2025-9624

A vulnerability in OpenSearch allows attackers to cause Denial of Service DoS by submitting complex querystring inputs. This issue affects all OpenSearch versions between 3.0.0 and 3.3.0 and OpenSearch 2.19.4...

OpenSearch is vulnerable to DoS via complex query_string inputs

A vulnerability in OpenSearch allows attackers to cause Denial of Service DoS by submitting complex querystring inputs. This issue affects all OpenSearch versions below 2.19.4 and versions 3.0.0 through 3.2.0...

EUVD-2025-199644

A vulnerability in OpenSearch allows attackers to cause Denial of Service DoS by submitting complex querystring inputs. This issue affects all OpenSearch versions below 3.2.0...

CVE-2025-9624

A vulnerability in OpenSearch allows attackers to cause Denial of Service DoS by submitting complex querystring inputs. This issue affects all OpenSearch versions between 3.0.0 and 3.3.0 and OpenSearch 2.19.4...

PT-2025-48080

Name of the Vulnerable Software and Affected Versions OpenSearch versions prior to 3.2.0 Description A flaw exists in OpenSearch that enables attackers to trigger a Denial of Service DoS condition. This is achieved by providing complex query string inputs. Recommendations Update to version 3.2.0 ...

An In-Depth Systematic Analysis of the Security, Usability, and Automation Capabilities of Password Update Processes on Top-Ranked Websites

Password updates are a critical account security measure and an essential part of the password lifecycle. Service providers and common security recommendations advise users to update their passwords in response to incidents or as a critical cyber hygiene measure. However, password update processe...

EUVD-2025-100302

Malicious code in complexsailfishz3n npm...

EUVD-2025-106022

Malicious code in complexchipmunkz3n npm...

EUVD-2025-92687

Malicious code in complextunaz3n npm...