25 matches found
Denial of Service via Stack Exhaustion
Impact: When user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are part of the RFC 2822 format used in a malicious manner. Ordinary,...
CVE-2025-67478 Wrong E-Mail address composition for usernames with a comma and Umlauts in it like "Döe, Jähn"
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from before 1.39.14, 1.43.4, 1.44.1...
EUVD-2019-17688
Malware in sbrugna...
EUVD-2022-0444
Malicious code in bioql PyPI...
CVE-2019-8290
Vulnerability in Online Store v1.0: the registration form requirements for the member email format can be bypassed by posting directly to sentregister.php, allowing special characters to be included and an XSS payload to be injected...
GHSA-CQ42-VHV7-XR7P Keycloak Denial of Service via account lockout
In any realm set with "User Self registration", a user who is registered with a username in email format can be "locked out" (denied from logging in using his username)...
Regular expression denial of service (ReDoS) in is-my-json-valid
It was discovered that the is-my-json-valid JavaScript library used an inefficient regular expression to validate JSON fields defined to have email format. A specially crafted JSON file could cause it to consume an excessive amount of CPU time when validated...
Mozilla: Partial protection of inline OpenPGP message not indicated
If a MIME encoded email contains an OpenPGP inline signed or encrypted message part, but also contains an additional unprotected part, Thunderbird did not indicate that only parts of the message are protected. This vulnerability affects Thunderbird 78.10.2...
CVE-2018-1107
It was discovered that the is-my-json-valid JavaScript library used an inefficient regular expression to validate JSON fields defined to have email format. A specially crafted JSON file could cause it to consume an excessive amount of CPU time when validated...
CVE-2018-1107
CVE-2018-1107 describes a Denial of Service in the is-my-json-valid JavaScript library due to an inefficient regular expression used to validate emails. A crafted JSON file can cause high CPU consumption when validated, leading to potential service degradation or outage. The vulnerability is tied...
Format string
Vulnerability in Online Store v1.0: the registration form requirements for the member email format can be bypassed by posting directly to sentregister.php, allowing special characters to be included and an XSS payload to be injected...
Gratipay: An adversary can harvest email addresses for spamming.
The website is displaying email addresses. These email addresses can be harvested by automated programs called bots and then used as a target for spamming. 1. Use any Email extractor tool or Add on. Here I have used Chrome Email Extractor Add on offered by Mr. Alien. 2. In Browser open...
Joomla JE Story 1.4 SQL Injection
Exploit database separated by exploit type: local, remote, DoS, etc. + Site : Inj3ct0r.com + Support e-mail :...
DoS attacks on MIME-capable software via complex MIME emails
== DoS attacks on MIME-capable software via complex MIME emails == == Preface == On the phneutral 0x7d8 and RSS 08, I gave short talks on a widely unregarded problem with MIME software. Due to popular demand, I decided to publish a short writeup of the talk. == What is MIME? == MIME is the standa...
askpert-sql.txt
WwW.TR-ShaRk.Co.cC AskPert Auth bypass SQL Injection Vulnerability WwW.TR-ShaRk.Co.cC WwW.TR-ShaRk.Co.cC Author : TR-ShaRk Msn : [email protected] Web : WwW.TR-ShaRk.Co.cC I am Not Hacker Greetz :FATAL,STR0KE,ARANELWORM,CAKIDECCAL,CEZOHAN,WEBLOADER Orospu Cocuklari; Elitehacker,Netshooter...
revsense-sql.txt
RevSense v.1.0 Auth bypass SQL Injection Vulnerability + Script home : http://www.revsense.com/ - Discovered By : d3b4g - Greetz : str0ke / All my friend Dork:Powered by Revsense Go to www.target.com/index.php?section=user&action=login Use following information to bypass login. Write any email...