16 matches found
ROS-20260410-73-0011
Vulnerability in libssh related to the use of regular expression with inefficient computational complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260120-7322
A vulnerability in the tracing component of the eventtriggerwrite function of the Linux kernel is related to insufficient regular expression handling. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
Remote Code Execution (RCE)
cn.hutool, hutool-extra is vulnerable to remote code execution (RCE). The vulnerability is due to improper expression handling in the QLExpressEngine class, which allows an attacker to execute arbitrary expressions leading to arbitrary method invocation and potential remote code execution...
CLSA-2025-1761844489 Fix of 9 CVEs
SECURITY UPDATE: multiple vulnerabilities in AWK implementation - debian/patches/CVE-2021-423xx-awk.patch: fix issues with argument parsing, delete statement validation, length parsing, post-increment/decrement on literals, expression handling, regex splitting, use-after-realloc, and maxfields...
EUVD-2007-0912
Malware in sbrugna...
EUVD-2019-8868
Malware in sbrugna...
GitLab 12.10 < 14.3.6 / 14.4 < 14.4.4 / 14.5 < 14.5.2 (CVE-2021-39933)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A...
Security fix for the ALT Linux 10 package java-11-openjdk version 0:11.0.15.0.10-alt1_1jpp11
0:11.0.15.0.10-alt1_1jpp11 built July 14, 2022 Andrey Cherepanov in task 303498 June 29, 2022 Andrey Cherepanov - New version. - Security fixes + JDK-8270504, CVE-2022-21426: Better XPath expression handling + JDK-8275082, JDK-8278008, CVE-2022-21476: Update XML Security for Java to 2.3.0 +...
SUSE-SU-2020:1511-2 Security update for java-11-openjdk
This update for java-11-openjdk fixes the following issues: Java was updated to jdk-11.0.7+10 April 2020 CPU, bsc1169511. Security issues fixed: - CVE-2020-2754: Fixed an incorrect handling of regular expressions that could have resulted in denial of service bsc1169511. - CVE-2020-2755: Fixed an...
DEBIAN-CVE-2019-20334
In Netwide Assembler NASM 2.14.02, stack consumption occurs in expr functions in asm/eval.c. This potentially affects the relationships among expr0, expr1, expr2, expr3, expr4, expr5, and expr6 and stdscan in asm/stdscan.c. This is similar to CVE-2019-6290 and CVE-2019-6291...
Apache Struts Dynamic Method Invocation Expression Handling RCE
Remote command execution vulnerability in Apache Struts Dynamic Method Invocation expression handling Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...
openSUSE Security Update : fossil (openSUSE-2017-949)
This update for fossil to version 2.3 fixes the following issues : - Potential XSS vulnerability on the /help webpage boo1053267 This update also contains all upstream improvements and fixes in version 2.3 : - Update internal Unicode character tables, used in regular expression handling, from...
CVE-2015-8388
PCRE before 8.38 mishandles the /?=di?=?1|?=./ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript...
Atlassian Confluence < 5.1.5 OGNL Expression Handling Double Evaluation Error Remote Code Execution
According to its self-reported version number, the instance of Atlassian Confluence on the remote host is a version prior to 5.1.5. It is, therefore, affected by a remote code execution vulnerability due to a flaw in the handling of OGNL expressions. This could allow an attacker to execute...
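Multiple security vulnerabilities in Apple Safari versions before 3.1
BUGTRAQ ID: 28290 CVE(CAN) ID: CVE-2008-1011,CVE-2008-1010,CVE-2008-1009,CVE-2008-1008,CVE-2008-1007,CVE-2008-1006,CVE-2008-1005,CVE-2008-1004,CVE-2008-1003,CVE-2008-1002,CVE-2008-1001,CVE-2008-0050 Safari is the web browser bundled by default with Apple's family of operating systems. Version 3.1 of Safari fixes multiple security vulnerabilities, as follows: CVE-2008-0050 A malicious HTTPS proxy server may, in a 502 Bad...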
CentOS 3 : tcltk (CESA-2008:0134)
Updated tcltk packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1, and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Tcl is a scripting language designed for embedding into other applications and for use...