58 matches found
CVE-2026-44631
A flaw was found in Apache HTTP Server. This buffer underwrite vulnerability occurs when processing crafted regular expressions in the server's configuration. An attacker could potentially exploit this to cause a denial of service. Mitigation Only loadtrustedApache configuration; the bug triggers...
Apache HTTP Server 安全漏洞
Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. There is a buffer overflow vulnerability present in Apache HTTP Server, but detailed informatio...
CVE-2026-44796
Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, Nautobot UI object-bulk-rename endpoints for example, /dcim/interfaces/rename/ were vulnerable to application-wide denial of service via maliciously crafted regular expressions in the find field in...
EUVD-2026-32975
Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, Nautobot UI object-bulk-rename endpoints for example, /dcim/interfaces/rename/ were vulnerable to application-wide denial of service via maliciously crafted regular expressions in the find field in...
CVE-2026-44796 Nautobot: Object bulk rename UI actions vulnerable to denial of service by crafted regular expression (REDoS)
Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, Nautobot UI object-bulk-rename endpoints for example, /dcim/interfaces/rename/ were vulnerable to application-wide denial of service via maliciously crafted regular expressions in the find field in...
GHSA-QRPW-GJVH-X5GM Nautobot: Object bulk rename UI actions vulnerable to denial of service by crafted regular expression (REDoS)
Impact Nautobot UI object-bulk-rename endpoints for example, /dcim/interfaces/rename/ were vulnerable to application-wide denial of service via maliciously crafted regular expressions in the find field in combination with the useregex flag. Patches A general-purpose timeout has been added to thes...
Parse Server 安全漏洞
Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that runs Node.js. There were security vulnerabilities in versions of Parse Server prior to 9.5.0-alpha.14 and 8.6.11. These vulnerabilities stemmed from malicious clients being able t...
[SECURITY] [DLA 4393-1] mako security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-4393-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta December 03, 2025 https://wiki.debian.org/LTS -...
EUVD-2006-7207
Malware in sbrugna...
EUVD-2015-8268
Malware in sbrugna...
EUVD-2015-8263
Malware in sbrugna...
CVE-2025-33090 IBM Concert Software denial of service
IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to cause a denial of service using a specially crafted regular expression that would cause excessive resource consumption...
IBM Concert Software 安全漏洞
IBM Concert Software is IBM's generative AI-driven automated application management and monitoring tool based on the WatsonX platform, focused on optimizing the operational efficiency and reliability of applications. A denial of service vulnerability exists in IBM Concert Software, which stems fr...
Cisco NX-OS Resource Management Errors (CVE-2013-1121)
The regex engine in the BGP implementation in Cisco NX-OS, when a complex regular expression is configured for inbound routes, allows remote attackers to cause a denial of service device reload via a crafted AS path set, aka Bug ID CSCuf49554. This plugin only works with Tenable.ot. Please visit...
PT-2023-7202
Name of the Vulnerable Software and Affected Versions perl versions 5.30.0 through 5.38.0 Description The issue is related to a buffer overflow in dynamic memory due to improper handling of crafted regular expressions. This can allow a remote attacker to control the buffer overflow, potentially...
SUSE CVE-2013-2266
libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service memory consumption via a crafted regular expression, as demonstrated by a memory-exhaustion attack again...
SUSE CVE-2015-2327
PCRE before 8.36 mishandles the /a\2|a\g/ pattern and related patterns with certain internal recursive back references, which allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a...
SUSE CVE-2015-8380
The pcreexec function in pcreexec.c in PCRE before 8.38 mishandles a // pattern with a \01 string, which allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegE...
Ubuntu 16.04 ESM : PCRE vulnerabilities (USN-5665-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5665-1 advisory. It was discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to...
Mageia: Security Advisory (MGASA-2022-0350)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...