48 matches found
Incorrect Authorization
Overview auth0-js is an Auth0 headless browser sdk Affected versions of this package are vulnerable to Incorrect Authorization via token validation. An attacker can gain unauthorized access to user profile information by providing a specifically crafted invalid ID token along with a valid access...
CVE-2025-40241
In the Linux kernel, the following vulnerability has been resolved: erofs: fix crafted invalid cases for encoded extents Robert recently reported two corrupted images that can cause system crashes, which are related to the new encoded extents introduced in Linux 6.15: - The first one 1 has plen !...
UBUNTU-CVE-2025-40241
In the Linux kernel, the following vulnerability has been resolved: erofs: fix crafted invalid cases for encoded extents Robert recently reported two corrupted images that can cause system crashes, which are related to the new encoded extents introduced in Linux 6.15: - The first one 1 has plen !...
CVE-2025-40241
In the Linux kernel, the following vulnerability has been resolved: erofs: fix crafted invalid cases for encoded extents Robert recently reported two corrupted images that can cause system crashes, which are related to the new encoded extents introduced in Linux 6.15: - The first one 1 has plen !...
CVE-2025-40241 erofs: fix crafted invalid cases for encoded extents
In the Linux kernel, the following vulnerability has been resolved: erofs: fix crafted invalid cases for encoded extents Robert recently reported two corrupted images that can cause system crashes, which are related to the new encoded extents introduced in Linux 6.15: - The first one 1 has plen !...
PT-2025-49068
Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.15 and later Description The Linux kernel contains an issue related to encoded extents within the erofs filesystem. Specifically, crafted, invalid images can cause system crashes. This occurs due to improper handling of...
EUVD-2021-28050
Malicious code in bioql PyPI...
EUVD-2021-28053
Malicious code in bioql PyPI...
EUVD-2022-1191
Malicious code in bioql PyPI...
EUVD-2021-28056
Malicious code in bioql PyPI...
regexfn denial of service vulnerability
regexfn is a function that can be used for generic RegEx validation. regexfn version v1.0.5 contains a denial of service vulnerability that stems from not doing the right thing when validating crafted invalid emails, which could be exploited by an attacker to cause an application denial of servic...
todo-regex denial of service vulnerability
todo-regex is a regular expression used to match TODO statements in strings. todo-regex v0.1.1 is vulnerable to denial of service, which can be exploited by attackers to cause a denial of service when matching carefully crafted invalid TODO statements...
CVE-2021-40901
A Regular Expression Denial of Service ReDOS vulnerability was discovered in scniro-validator v1.0.1 when validating crafted invalid emails...
Denial of service
A Regular Expression Denial of Service ReDOS vulnerability was discovered in scniro-validator v1.0.1 when validating crafted invalid emails...
Denial of service
A Regular Expression Denial of Service ReDOS vulnerability was discovered in regexfn v1.0.5 when validating crafted invalid emails...
CVE-2021-40899
A Regular Expression Denial of Service ReDOS vulnerability was discovered in repo-git-downloader v0.1.1 when downloading crafted invalid git repositories...
CVE-2021-40898
A Regular Expression Denial of Service ReDOS vulnerability was discovered in scaffold-helper v1.2.0 when copying crafted invalid files...
Denial of service
A Regular Expression Denial of Service ReDOS vulnerability was discovered in scaffold-helper v1.2.0 when copying crafted invalid files...
CVE-2021-40897
A Regular Expression Denial of Service ReDOS vulnerability was discovered in split-html-to-chars v1.0.5 when splitting crafted invalid htmls...
CVE-2021-40896
A Regular Expression Denial of Service ReDOS vulnerability was discovered in that-value v0.1.3 when validating crafted invalid emails...