Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3627 matches found

UbuntuCve
UbuntuCveadded 2023/01/05 12:15 p.m.29 views

CVE-2017-20162

A vulnerability, which was classified as problematic, has been found in vercel ms up to 1.x. This issue affects the function parse of the file index.js. The manipulation of the argument str leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has...

5.3CVSS5.4AI score0.00981EPSS
Exploits1References4
OSV
OSVadded 2023/01/05 12:15 p.m.2 views

UBUNTU-CVE-2017-20162

A vulnerability, which was classified as problematic, has been found in vercel ms up to 1.x. This issue affects the function parse of the file index.js. The manipulation of the argument str leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has...

5.3CVSS5.1AI score0.00981EPSS
Exploits1References5
Cvelist
Cvelistadded 2023/01/05 11:49 a.m.42 views

CVE-2017-20162 vercel ms index.js parse redos

A vulnerability, which was classified as problematic, has been found in vercel ms up to 1.x. This issue affects the function parse of the file index.js. The manipulation of the argument str leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has...

4.3CVSS5.8AI score0.00981EPSS
Exploits1References5
NVD
NVDadded 2023/01/05 11:15 a.m.12 views

CVE-2021-4305

A vulnerability was found in Woorank robots-txt-guard. It has been rated as problematic. Affected by this issue is the function makePathPattern of the file lib/patterns.js. The manipulation of the argument pattern leads to inefficient regular expression complexity. The exploit has been disclosed ...

7.5CVSS5AI score0.00938EPSS
Exploits0References4
Prion
Prionadded 2023/01/05 11:15 a.m.16 views

Design/Logic Flaw

A vulnerability was found in Woorank robots-txt-guard. It has been rated as problematic. Affected by this issue is the function makePathPattern of the file lib/patterns.js. The manipulation of the argument pattern leads to inefficient regular expression complexity. The exploit has been disclosed ...

5CVSS7.6AI score0.00938EPSS
Exploits0References4Affected Software1
CVE
CVEadded 2023/01/05 10:3 a.m.51 views

CVE-2021-4305

Woorank robots-txt-guard is affected by a Regular Expression Denial of Service (ReDoS) in the makePathPattern function of lib/patterns.js. The manipulation of the pattern argument leads to inefficient regex complexity. Exploitation details have been disclosed publicly. A patch named c03827cd2f993...

7.5CVSS5.5AI score0.00938EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2023/01/05 10:3 a.m.25 views

CVE-2021-4305 Woorank robots-txt-guard patterns.js makePathPattern redos

A vulnerability was found in Woorank robots-txt-guard. It has been rated as problematic. Affected by this issue is the function makePathPattern of the file lib/patterns.js. The manipulation of the argument pattern leads to inefficient regular expression complexity. The exploit has been disclosed ...

3.5CVSS7.8AI score0.00938EPSS
Exploits0References4
Veracode
Veracodeadded 2023/01/05 9:31 a.m.19 views

Regular Expression Denial Of Service (ReDoS)

markdown-it is vulnerable to regular expression denial of service DoS attacks. A malicious user is able to pass a crafted regex statement through the replace function in lib/common/htmlre.js, causing an application crash due to inefficient regular expression complexity...

7.5CVSS7AI score0.00946EPSS
Exploits0References5Affected Software1
Prion
Prionadded 2023/01/05 9:15 a.m.12 views

Cross site scripting

A vulnerability, which was classified as problematic, has been found in shannah Xataface up to 2.x. Affected by this issue is the function testftp of the file install/installform.js.php of the component Installer. The manipulation leads to cross site scripting. The attack may be launched remotely...

5.8CVSS6AI score0.00507EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologiesadded 2023/01/05 12:0 a.m.3 views

PT-2023-12409 · Unknown · Woorank Robots-Txt-Guard

Name of the Vulnerable Software and Affected Versions: Woorank robots-txt-guard affected versions not specified Description: A vulnerability was found in the function makePathPattern of the file lib/patterns.js. The manipulation of the argument pattern leads to inefficient regular expression...

7.5CVSS4.6AI score0.00938EPSS
Exploits0References9
NVD
NVDadded 2023/01/04 10:15 p.m.31 views

CVE-2023-22467

Luxon is a library for working with dates and times in JavaScript. On the 1.x branch prior to 1.38.1, the 2.x branch prior to 2.5.2, and the 3.x branch on 3.2.1, Luxon's DateTime.fromRFC2822 has quadratic N^2 complexity on some specific inputs. This causes a noticeable slowdown for inputs with...

7.5CVSS7.6AI score0.01707EPSS
Exploits0References6
Prion
Prionadded 2023/01/04 10:15 p.m.39 views

Input validation

Luxon is a library for working with dates and times in JavaScript. On the 1.x branch prior to 1.38.1, the 2.x branch prior to 2.5.2, and the 3.x branch on 3.2.1, Luxon's DateTime.fromRFC2822 has quadratic N^2 complexity on some specific inputs. This causes a noticeable slowdown for inputs with...

5CVSS7.5AI score0.03949EPSS
Exploits1References6Affected Software1
OSV
OSVadded 2023/01/04 9:52 p.m.25 views

CVE-2023-22467 luxon.js inefficient regular expression complexity vulnerability

Luxon is a library for working with dates and times in JavaScript. On the 1.x branch prior to 1.38.1, the 2.x branch prior to 2.5.2, and the 3.x branch on 3.2.1, Luxon's DateTime.fromRFC2822 has quadratic N^2 complexity on some specific inputs. This causes a noticeable slowdown for inputs with...

7.5CVSS6.4AI score0.01707EPSS
Exploits0References8
Prion
Prionadded 2023/01/02 7:15 p.m.17 views

Design/Logic Flaw

A vulnerability, which was classified as problematic, has been found in drybjed ansible-ntp. Affected by this issue is some unknown functionality of the file meta/main.yml. The manipulation leads to insufficient control of network message volume. The attack can only be done within the local...

1.4CVSS6.9AI score0.00399EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blogadded 2023/01/02 9:31 a.m.29 views

string-kit Inefficient Regular Expression Complexity vulnerability

A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to versi...

7.5CVSS4.1AI score0.00927EPSS
Exploits0References6Affected Software1
NVD
NVDadded 2023/01/02 8:15 a.m.14 views

CVE-2021-4299

A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to versi...

7.5CVSS5.3AI score0.00927EPSS
Exploits0References4
Prion
Prionadded 2023/01/02 8:15 a.m.14 views

Design/Logic Flaw

A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to versi...

5CVSS7.6AI score0.00927EPSS
Exploits0References4Affected Software1
Prion
Prionadded 2023/01/02 8:15 a.m.16 views

Design/Logic Flaw

A vulnerability, which was classified as problematic, has been found in enigmaX up to 2.2. This issue affects the function getSeed of the file main.c of the component Scrambling Table Handler. The manipulation leads to predictable seed in pseudo-random number generator prng. The attack may be...

5CVSS7.1AI score0.00758EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2023/01/02 7:57 a.m.15 views

CVE-2021-4299 cronvel string-kit naturalSort.js naturalSort redos

A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to versi...

4.3CVSS7.8AI score0.00927EPSS
Exploits0References4
CVE
CVEadded 2023/01/02 7:57 a.m.48 views

CVE-2021-4299

The CVE-2021-4299 issue affects cronvel string-kit up to v0.12.7, specifically the naturalSort function in lib/naturalSort.js. The vulnerability stems from inefficient regular-expression complexity, enabling a remote attacker to cause performance-based impact (DoS). Upgrading to v0.12.8 mitigates...

7.5CVSS5.8AI score0.00927EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder