Linux Distros Unpatched Vulnerability : CVE-2021-33462

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in yasm version 1.3.0. There is a use-after-free in exprtraversenodespost in libyasm/expr.c. CVE-2021-33462 Note that Nessus relies on t...

Linux Distros Unpatched Vulnerability : CVE-2017-16119

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Fresh is a module used by the Express.js framework for HTTP response freshness testing. It is vulnerable to a regular expression denial of service when it is...

Linux Distros Unpatched Vulnerability : CVE-2020-5243

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - uap-core before 0.7.3 is vulnerable to a denial of service attack when processing crafted User-Agent strings. Some regexes are vulnerable to regular expression...

Linux Distros Unpatched Vulnerability : CVE-2020-6817

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bleach.clean behavior parsing style attributes could result in a regular expression denial of service ReDoS. Calls to bleach.clean with an allowed tag with an...

Linux Distros Unpatched Vulnerability : CVE-2018-25110

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Marked prior to version 0.3.17 is vulnerable to a Regular Expression Denial of Service ReDoS attack due to catastrophic backtracking in several regular...

Linux Distros Unpatched Vulnerability : CVE-2021-32821

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MooTools is a collection of JavaScript utilities for JavaScript developers. All known versions include a CSS selector parser that is vulnerable to Regular...

Linux Distros Unpatched Vulnerability : CVE-2021-43306

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exponential ReDoS Regular Expression Denial of Service can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary...

Linux Distros Unpatched Vulnerability : CVE-2021-44686

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS Regular Expression Denial of Service in htmlpreprocessrules in...

Linux Distros Unpatched Vulnerability : CVE-2023-2198

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.7 before 15.10.8, all versions starting from 15.11 before 15.11.7, all...

Linux Distros Unpatched Vulnerability : CVE-2022-31086

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 incorrect...

Linux Distros Unpatched Vulnerability : CVE-2023-20863

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially crafted SpEL expression that may...

Linux Distros Unpatched Vulnerability : CVE-2023-22796

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A regular expression based DoS vulnerability in Active Support 6.1.7.1 and 7.0.4.1. A specially crafted string passed to the underscore method can cause the...

Linux Distros Unpatched Vulnerability : CVE-2021-33463

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in yasmexprcopyexcept in libyasm/expr.c. CVE-2021-33463 Note that Nessus reli...

TencentOS Server 4: sqlite (TSSA-2025:0702)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0702 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVE-2025-9277 SiteSEO – SEO Simplified <= 1.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Broken Regex Expression

The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the broken pregreplace expression in all versions up to, and including, 1.2.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2025-9277 SiteSEO – SEO Simplified <= 1.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Broken Regex Expression

The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the broken pregreplace expression in all versions up to, and including, 1.2.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

Security Bulletin: Multiple vulnerabilities that affects BigReplicate (CVE-2024-51504, CVE-2024-38821, CVE-2023-20863)

Summary zookeeper-3.9.2.jar, spring-aop-5.3.26.jar, spring-security-web-5.8.11.jar dependency packages are being used by IBM BigReplicate . This bulletin describes the upgrades necessary to address the vulnerability. Vulnerability Details CVEID:CVE-2024-51504 DESCRIPTION: When using...

Regular Expression Denial Of Service (ReDoS)

Hugging Face Transformers is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to the use of a regex pattern /^/^// in the converttfweightnametoptweightname function, which allows attackers to craft malicious input strings causing catastrophic backtracking and...

📄 Ivanti Endpoint Manager Mobile 12.5.0.0 Authentication Bypass

Ivanti Endpoint Manager Mobile version 12.5.0.0 authentication bypass proof of concept exploit. !/usr/bin/env python3 Exploit Title: Ivanti Endpoint Manager Mobile 12.5.0.0 - Authentication Bypass Google Dork: inurl:/mifs "Ivanti" OR "EPM" OR "Endpoint Manager" Date: 2025-01-21 Exploit Author: Yo...

Ivanti Endpoint Manager Mobile 12.5.0.0 - Authentication Bypass

!/usr/bin/env python3 Exploit Title: Ivanti Endpoint Manager Mobile 12.5.0.0 - Authentication Bypass Google Dork: inurl:/mifs "Ivanti" OR "EPM" OR "Endpoint Manager" Date: 2025-01-21 Exploit Author: Your Name https://github.com/your-username Vendor Homepage: https://www.ivanti.com/ Software Link:...