9211 matches found

Tenable Nessus
added 2019/08/12 12:0 a.m. | 60 views

NewStart CGSL MAIN 5.04 : glibc Multiple Vulnerabilities (NS-SA-2019-0012)

The remote NewStart CGSL host, running version MAIN 5.04, has glibc packages installed that are affected by multiple vulnerabilities: - elf/dl-load.c in ld.so in the GNU C Library aka glibc or libc6 through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the...

7.5 CVSS | 8.4 AI score | 0.18703 EPSS
Exploits 43 | References 12

Github Security Blog
added 2019/08/06 1:43 a.m. | 35 views

Django Denial-of-service in django.utils.text.Truncator

An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability i...

7.5 CVSS | 8.4 AI score | 0.0297 EPSS
Exploits 0 | References 21 | Affected Software 1

OSV
added 2019/08/02 3:15 p.m. | 1 views

DEBIAN-CVE-2019-14232

An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability i...

7.5 CVSS | 6.6 AI score | 0.0297 EPSS
Exploits 0 | References 1

PyPA
added 2019/08/02 3:15 p.m. | 5 views

PYSEC-2019-11

An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability i...

7.5 CVSS | 7 AI score | 0.0297 EPSS
Exploits 0 | References 11 | Affected Software 1

Debian CVE
added 2019/08/02 12:0 a.m. | 25 views

CVE-2019-14232

An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability i...

7.5 CVSS | 7.8 AI score | 0.0297 EPSS
Exploits 0

AlpineLinux
added 2019/08/02 12:0 a.m. | 31 views

CVE-2019-14232

An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability i...

7.5 CVSS | 6.9 AI score | 0.0297 EPSS
Exploits 0

UbuntuCve
added 2019/08/01 10:0 a.m. | 25 views

CVE-2019-14232

An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability i...

7.5 CVSS | 6.8 AI score | 0.0297 EPSS
Exploits 0 | References 2

FreeBSD
added 2019/08/01 12:0 a.m. | 38 views

Django -- multiple vulnerabilities

Django release notes: CVE-2019-14232: Denial-of-service possibility in django.utils.text.Truncator If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a...

9.8 CVSS | 0.6 AI score | 0.29723 EPSS
Exploits 0 | References 3

RedHat Linux
added 2019/07/30 9:16 a.m. | 3 views

perl: Integer overflow leading to buffer overflow in Perl_my_setenv()

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations...

9.8 CVSS | 7.6 AI score | 0.1291 EPSS
Exploits 0 | References 4

Hacker One
added 2019/07/27 5:44 a.m. | 50 views

Ruby: WEBrick::HTTPAuth::DigestAuth authentication is vulnerable to regular expression denial of service (ReDoS)

The private instance method split_param_value in class WEBrick::HTTPAuth::DigestAuth uses a regular expression that is vulnerable to denial of service due to catastrophic backtracking. The regular expression is: ^\s\w-.\%!+=\s"\.|^""\s,? Source:...

0.4 AI score
Exploits 0

OSV
added 2019/07/23 11:18 a.m. | 11 views

SUSE-SU-2019:1958-2 Security update for glibc

This update for glibc fixes the following issues: Security issues fixed: - CVE-2019-9169: Fixed a heap-based buffer over-read via an attempted case-insensitive regular-expression match bsc1127308. - CVE-2009-5155: Fixed a denial of service in parse_reg_exp bsc1127223. Non-security issues fixed: -...

9.8 CVSS | 8.5 AI score | 0.04945 EPSS
Exploits 2 | References 6

Tenable Nessus
added 2019/07/22 12:0 a.m. | 43 views

EulerOS 2.0 SP2 : pcre (EulerOS-SA-2019-1733)

According to the versions of the pcre packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The pcre_exec function in pcre_exec.c in PCRE before 8.38 mishandles a // pattern with a \01 string, which allows remote attackers to cause a denial...

9.8 CVSS | 8.4 AI score | 0.0287 EPSS
Exploits 1 | References 5

Tenable Nessus
added 2019/07/22 12:0 a.m. | 18 views

EulerOS 2.0 SP2 : perl (EulerOS-SA-2019-1717)

According to the version of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write...

9.8 CVSS | 8.3 AI score | 0.1291 EPSS
Exploits 0 | References 2

Github Security Blog
added 2019/07/19 4:13 p.m. | 83 views

Regular Expression Denial of Service (ReDoS) in lodash

lodash prior to 4.7.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very long strings, which the library attempts to match using a regular expression. The fixed version is:...

6.5 CVSS | 5.3 AI score | 0.00207 EPSS
Exploits 1 | References 9 | Affected Software 4

OSV
added 2019/07/19 4:13 p.m. | 0 views

GHSA-X5RQ-J2XG-H7QM Regular Expression Denial of Service (ReDoS) in lodash

lodash prior to 4.7.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very long strings, which the library attempts to match using a regular expression. The fixed version is:...

6.5 CVSS | 6.8 AI score | 0.00207 EPSS
Exploits 1 | References 9

RubySec
added 2019/07/19 12:0 a.m. | 4 views

Regular Expression Denial of Service (ReDoS) in lodash

lodash prior to 4.7.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very long strings, which the library attempts to match using a regular expression. The fixed version is:...

6.5 CVSS | 7 AI score | 0.00207 EPSS
Exploits 1 | References 1 | Affected Software 1

Fedora
added 2019/07/18 8:32 p.m. | 15 views

[SECURITY] Fedora 29 Update: mutt-1.12.0-1.fc29

Mutt is a small but very powerful text-based MIME mail client. Mutt is highly configurable, and is well suited to the mail power user with advanced features like key bindings, keyboard macros, mail threading, regular expression searches and a powerful pattern matching language for selecting group...

1 AI score
Exploits 0

NVD
added 2019/07/17 9:15 p.m. | 15 views

CVE-2019-1010266

lodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very long strings, which the library attempts to match using a regular expression. The fixed version is:...

6.5 CVSS | 7.5 AI score | 0.00207 EPSS
Exploits 1 | References 4

OSV
added 2019/07/17 9:15 p.m. | 1 views

DEBIAN-CVE-2019-1010266

lodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very long strings, which the library attempts to match using a regular expression. The fixed version is:...

6.5 CVSS | 6.2 AI score | 0.00207 EPSS
Exploits 1 | References 1

OSV
added 2019/07/17 9:15 p.m. | 23 views

CVE-2019-1010266

lodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very long strings, which the library attempts to match using a regular expression. The fixed version is:...

6.5 CVSS | 6.4 AI score
Exploits 0 | References 4