Lucene search
K

11 matches found

RedHat Linux
RedHat Linux
added 2025/06/24 1:13 a.m.2 views

libarchive: Buffer Overflow vulnerability in libarchive

A flaw was found in the libarchive package. Affected versions of libarchive do not check a strftime return value, which can lead to a denial of service or unspecified other impacts via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be...

7.8CVSS7.2AI score0.00329EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/03/03 3:54 a.m.6 views

CVE-2025-25724

A flaw was found in the libarchive package. Affected versions of libarchive do not check a strftime return value, which can lead to a denial of service or unspecified other impacts via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be...

4CVSS4.2AI score0.00329EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/11/01 12:0 a.m.5 views

PKP customLocale Cross-Site Request Forgery Vulnerability

PKP customLocale is PKP's custom locale plugin for OPS, OJS and OMP. A cross-site request forgery vulnerability exists in PKP customLocale versions prior to 1.2.0-1, which can be exploited by an attacker to send a fake request to a user...

8.8CVSS6.7AI score0.00216EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/11/01 12:0 a.m.7 views

PT-2023-32404 · Unknown · Pkp/Customlocale

Name of the Vulnerable Software and Affected Versions: pkp/customLocale versions prior to 1.2.0-1 Description: The issue is related to Cross-Site Request Forgery CSRF in the GitHub repository pkp/customLocale. CSRF is an attack that tricks a user into performing unintended actions on a web...

8.8CVSS6.3AI score0.00216EPSS
Exploits1References6
Veracode
Veracode
added 2022/05/04 7:23 a.m.1795 views

Regular Expression Denial Of Service (ReDoS)

angular is vulnerable to regular expression denial of service. An attacker can crash the application by providing a very high value of custom locale rule through the posPre attribute in the parsePattern function of parser.js...

7.5CVSS3.9AI score0.04658EPSS
Exploits1References7Affected Software2
RedhatCVE
RedhatCVE
added 2022/05/02 12:58 p.m.52 views

CVE-2022-25844

A flaw was found in the Angular package. The angular package is vulnerable to Regular Expression Denial of Service ReDoS by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat of NUMBERFORMATS.PATTERNS1.posPre with a very high value...

7.5CVSS2.6AI score0.04658EPSS
Exploits1References3
NVD
NVD
added 2022/05/01 4:15 p.m.16 views

CVE-2022-25844

The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service ReDoS by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat of NUMBERFORMATS.PATTERNS1.posPre with a very high value. Note: 1 This package has been deprecated an...

7.5CVSS0.04658EPSS
Exploits1References9
OSV
OSV
added 2022/05/01 4:15 p.m.8 views

UBUNTU-CVE-2022-25844

The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service ReDoS by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat of NUMBERFORMATS.PATTERNS1.posPre with a very high value. Note: 1 This package has been deprecated an...

7.5CVSS6.7AI score0.04658EPSS
Exploits1References8
UbuntuCve
UbuntuCve
added 2022/05/01 4:15 p.m.63 views

CVE-2022-25844

The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service ReDoS by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat of NUMBERFORMATS.PATTERNS1.posPre with a very high value. Note: 1 This package has been deprecated an...

7.5CVSS6.7AI score0.04658EPSS
Exploits1References7
Debian CVE
Debian CVE
added 2022/05/01 3:25 p.m.46 views

CVE-2022-25844

The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service ReDoS by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat of NUMBERFORMATS.PATTERNS1.posPre with a very high value. Note: 1 This package has been deprecated an...

7.5CVSS6.7AI score0.04658EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2022/05/01 12:0 a.m.6 views

PT-2022-6868

Name of the Vulnerable Software and Affected Versions angular versions 1.7.0 and higher Description The issue is related to the use of a regular expression with inefficient computational complexity in the Angular application design environment and single-page application development platform. Thi...

7.8CVSS7AI score0.04658EPSS
Exploits1References40
Rows per page
Query Builder