9244 matches found

Cvelist
added 2024/12/13 4:23 a.m. · 14 views

CVE-2024-12579 Minify HTML <= 2.1.10 - Regular Expressions Denial of Service

The Minify HTML plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS) in all versions up to, and including, 2.1.10. This is due to processing user-supplied input as a regular expression. This makes it possible for unauthenticated attackers to create comments that can...

5.3 CVSS · 0.00485 EPSS
Exploits 0 · References 2
Vulnrichment
added 2024/12/13 4:23 a.m. · 7 views

CVE-2024-12579 Minify HTML <= 2.1.10 - Regular Expressions Denial of Service

The Minify HTML plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS) in all versions up to, and including, 2.1.10. This is due to processing user-supplied input as a regular expression. This makes it possible for unauthenticated attackers to create comments that can...

5.3 CVSS · 6.7 AI score · 0.00485 EPSS
Exploits 0 · References 2
CVE
added 2024/12/13 4:23 a.m. · 42 views

CVE-2024-12579

The CVE-2024-12579 entry concerns the Minify HTML plugin for WordPress. According to Red Hat and Wordfence sources, the vulnerability is a Regular Expression Denial of Service (ReDoS) caused by processing user-supplied input as a regular expression. It affects all versions up to and including 2.1...

5.3 CVSS · 5.2 AI score · 0.00485 EPSS
Exploits 0 · References 2
CNNVD
added 2024/12/13 12:0 a.m. · 1 views

ComfyUI_AceNodes security vulnerability

ComfyUI_AceNodes is a utility node for ComfyUI by Kaifeng Xu, an individual developer. A security vulnerability exists in ComfyUI_AceNodes, which originates when the entry point function of the ACEExpressionEval node accepts arbitrary user-controlled data, which allows the user to create a workflow th...

10 CVSS · 7.3 AI score · 0.00221 EPSS
Exploits 0 · References 1
Positive Technologies
added 2024/12/13 12:0 a.m. · 2 views

PT-2024-17663 · WordPress · Minify Html

Name of the Vulnerable Software and Affected Versions: Minify HTML plugin for WordPress versions up to, and including, 2.1.10

Description: The issue is related to a Regular Expression Denial of Service (ReDoS) vulnerability. This vulnerability arises from the plugin's processing of user-supplied...

5.3 CVSS · 7 AI score · 0.00485 EPSS
Exploits 0 · References 7
OpenVAS
added 2024/12/13 12:0 a.m. · 11 views

openSUSE Security Advisory (SUSE-SU-2024:4301-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.7 CVSS · 6.8 AI score · 0.00067 EPSS
Exploits 0 · References 4
CNNVD
added 2024/12/13 12:0 a.m. · 1 views

WordPress plugin Minify HTML resource management error vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A resource manageme...

5.3 CVSS · 8.3 AI score · 0.00485 EPSS
Exploits 0 · References 2
Tenable Nessus
added 2024/12/13 12:0 a.m. · 12 views

SUSE SLES15 / openSUSE 15 Security Update : nodejs20 (SUSE-SU-2024:4286-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4286-1 advisory. - CVE-2024-21538: Fixed regular expression denial of service in cross-spawn dependency bsc1233856 Other fixes: - Updated to...

8.7 CVSS · 6.4 AI score · 0.00067 EPSS
Exploits 0 · References 4
Tenable Nessus
added 2024/12/13 12:0 a.m. · 12 views

SUSE SLES15 / openSUSE 15 Security Update : nodejs20 (SUSE-SU-2024:4300-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4300-1 advisory. - CVE-2024-21538: Fixed regular expression denial of service in cross-spawn dependency bsc1233856 Other fixes: - Updated to...

8.7 CVSS · 6.4 AI score · 0.00067 EPSS
Exploits 0 · References 4
RedHat Linux
added 2024/12/12 8:0 p.m. · 0 views

path-to-regexp: Backtracking regular expressions cause ReDoS

A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, po...

7.5 CVSS · 6.8 AI score · 0.00064 EPSS
Exploits 0 · References 7
RedHat Linux
added 2024/12/12 12:58 p.m. · 0 views

rexml: REXML ReDoS vulnerability

A flaw was found in the ReXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between &# and x...; in a hex numeric character reference (&#x...;) can trigger a regular expression denial of service (ReDoS) condition, leading to a denial of service...

8.7 CVSS · 7.3 AI score · 0.01645 EPSS
Exploits 0 · References 7
RedHat Linux
added 2024/12/12 9:20 a.m. · 0 views

rexml: REXML ReDoS vulnerability

A flaw was found in the ReXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between &# and x...; in a hex numeric character reference (&#x...;) can trigger a regular expression denial of service (ReDoS) condition, leading to a denial of service...

8.7 CVSS · 7.3 AI score · 0.01645 EPSS
Exploits 0 · References 7
SUSE Linux
added 2024/12/12 8:10 a.m. · 0 views

Security update for nodejs18

This update for nodejs18 fixes the following issues: CVE-2024-21538: Fixed regular expression denial of service in cross-spawn dependency bsc1233856 Other fixes: - Update to 18.20.5 esm: mark import attributes and JSON module as stable deps: + upgrade npm to 10.8.2 + update simdutf to 5.6.0 +...

5.6 CVSS · 6.7 AI score · 0.00067 EPSS
Exploits 0 · References 4
RedHat Linux
added 2024/12/12 7:11 a.m. · 0 views

rexml: REXML ReDoS vulnerability

A flaw was found in the ReXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between &# and x...; in a hex numeric character reference (&#x...;) can trigger a regular expression denial of service (ReDoS) condition, leading to a denial of service...

8.7 CVSS · 7.3 AI score · 0.01645 EPSS
Exploits 0 · References 7
SUSE CVE
added 2024/12/12 7:8 a.m. · 1 views

SUSE CVE-2024-37820

A nil pointer dereference in PingCAP TiDB v8.2.0-alpha-216-gfe5858b allows attackers to crash the application via expression.inferCollation...

5.4 CVSS · 6.9 AI score · 0.00115 EPSS
Exploits 0 · References 3
RedHat Linux
added 2024/12/12 1:47 a.m. · 28 views

Low: Red Hat Security Advisory: OpenShift Container Platform 4.15.41 bug fix and security update

Red Hat OpenShift Container Platform release 4.15.41 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

8.7 CVSS · 6.6 AI score · 0.00067 EPSS
Exploits 0 · References 15
OpenVAS
added 2024/12/12 12:0 a.m. · 15 views

openSUSE Security Advisory (SUSE-SU-2024:4286-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.7 CVSS · 6.8 AI score · 0.00067 EPSS
Exploits 0 · References 4
RedHat Linux
added 2024/12/11 7:14 p.m. · 3 views

rexml: REXML ReDoS vulnerability

A flaw was found in the ReXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between &# and x...; in a hex numeric character reference (&#x...;) can trigger a regular expression denial of service (ReDoS) condition, leading to a denial of service...

8.7 CVSS · 7.3 AI score · 0.01645 EPSS
Exploits 0 · References 7
RedHat Linux
added 2024/12/11 5:18 p.m. · 1 views

rexml: REXML ReDoS vulnerability

A flaw was found in the ReXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between &# and x...; in a hex numeric character reference (&#x...;) can trigger a regular expression denial of service (ReDoS) condition, leading to a denial of service...

8.7 CVSS · 7.3 AI score · 0.01645 EPSS
Exploits 0 · References 7
IBM Security Bulletins
added 2024/12/10 9:32 a.m. · 10 views

Security Bulletin: Promise based HTTP client for the browser and node.js

Summary: Axios is vulnerable to Regular Expression Denial of Service (ReDoS). When a manipulated string is provided as input to the format method, the regular expression exhibits a time complexity of O(n^2). Server becomes unable to provide normal service due to the excessive cost and time wasted in...

7 AI score
Exploits 0 · Affected Software 1