3627 matches found
Fuji Electric Tellus Lite V-Simulator and V-Server Lite
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Fuji Electric Equipment: Tellus Lite V-Simulator, and V-Server Lite Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Write, Untrusted Pointer Dereference, Out-of-bounds Read, Access of Uninitialized Pointer,...
CVE-2021-41168
Snudown is a reddit-specific fork of the Sundown Markdown parser used by GitHub, with Python integration added. In affected versions snudown was found to be vulnerable to denial of service attacks to its reference table implementation. References written in markdown referencename:...
Design/Logic Flaw
Snudown is a reddit-specific fork of the Sundown Markdown parser used by GitHub, with Python integration added. In affected versions snudown was found to be vulnerable to denial of service attacks to its reference table implementation. References written in markdown referencename:...
ICONICS GENESIS64 and Mitsubishi Electric MC Works64
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: ICONICS, Mitsubishi Electric Equipment: ICONICS GENESIS64, Mitsubishi Electric MC Works64 Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities may...
Wrong keeper reward computation
Handle cmichel Vulnerability details The PoolKeeper.keeperReward computation mixes WADs and Quads which leads to issues. 1. Note that keeperTip returns values where 1 = 1%, and 100 = 100%, the same way BASETIP = 5 = 5%. Thus tipPercent = ABDKMathQuad.fromUIntkeeperTip is a Quad value of this keep...
Design/Logic Flaw
Zulip is an open source team chat server. In affected versions Zulip allows organization administrators on a server to configure "linkifiers" that automatically create links from messages that users send, detected via arbitrary regular expressions. Malicious organization administrators could...
Zulip server security vulnerability
Zulip server is an open source team chat application from Zulip, Inc. in the United States. Zulip server has a security vulnerability that allows administrators of malicious organizations to subject the server to a denial of service via a regular expression complexity attack...
GHSA-X55W-VJJP-222R inflect vulnerable to Inefficient Regular Expression Complexity
inflect is customizable inflections for nodejs. inflect is vulnerable to Inefficient Regular Expression Complexity...
CVE-2021-3828
nltk is vulnerable to Inefficient Regular Expression Complexity...
CVE-2021-3820
inflect is vulnerable to Inefficient Regular Expression Complexity...
CVE-2021-3822
jsoneditor is vulnerable to Inefficient Regular Expression Complexity...
CVE-2021-3820
inflect is vulnerable to Inefficient Regular Expression Complexity...
CVE-2021-3828
nltk is vulnerable to Inefficient Regular Expression Complexity...
Design/Logic Flaw
jsoneditor is vulnerable to Inefficient Regular Expression Complexity...
PYSEC-2021-356
nltk is vulnerable to Inefficient Regular Expression Complexity...
CVE-2021-3828
CVE-2021-3828 affects the Python nltk package with a vulnerability to ReDoS (inefficient regular-expression handling). Connected sources show fixes in newer nltk releases (e.g., updates to 3.6.x/3.7, and OpenSUSE/SUSE advisories mentioning python-nltk fixes) and advisories noting the issue in Ubu...
CVE-2021-3828
nltk is vulnerable to Inefficient Regular Expression Complexity...
CVE-2021-3822 Inefficient Regular Expression Complexity in josdejong/jsoneditor
jsoneditor is vulnerable to Inefficient Regular Expression Complexity...
CVE-2021-3822
The CVE-2021-3822 entry concerns jsoneditor (josdejong/jsoneditor), where the getInnerText function uses an inefficient regex for trimmedValue, creating potential Regular Expression Denial of Service (ReDoS). Multiple connected sources corroborate a ReDoS risk affecting jsoneditor, with reference...
CVE-2021-3820
CVE-2021-3820 affects the npm package inflect. The vulnerability is a result of inefficient regular expressions (ReDoS) in the table_name input to the classify function, enabling an attacker to cause excessive CPU usage and potential denial of service. A PoC snippet demonstrates escalating CPU co...