Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9265 matches found

Tenable Nessus
Tenable Nessusadded 2017/02/13 12:0 a.m.29 views

GLSA-201702-06 : Graphviz: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201702-06 Graphviz: Multiple vulnerabilities Multiple vulnerabilities in Graphviz were discovered. Please review the CVE identifiers referenced below for details. Impact : A remote attacker, able to control input matched against a...

10CVSS6.9AI score0.06082EPSS
Exploits2References4
Gentoo Linux
Gentoo Linuxadded 2017/02/10 12:0 a.m.29 views

Graphviz: Multiple vulnerabilities

Background Graphviz is an open source graph visualization software. Description Multiple vulnerabilities in Graphviz were discovered. Please review the CVE identifiers referenced below for details. Impact A remote attacker, able to control input matched against a regular expression or by enticing...

10CVSS7.7AI score0.06082EPSS
Exploits2
Node.js
Node.jsadded 2017/02/09 8:11 p.m.54 views

ReDoS via long UserAgent header

Overview Affected versions of useragent are vulnerable to regular expression denial of service when an arbitrarily long User-Agent header is parsed. Proof of Concept var useragent = require'useragent'; var badUserAgent = 'MSIE 0.0'+Array900000.join'0'+'XBLWP'; var request = 'GET /...

5CVSS3.8AI score0.01162EPSS
Exploits1Affected Software1
CNVD
CNVDadded 2017/02/07 12:0 a.m.2 views

Artifex MuJS 'regexp.c' Integer Overflow Vulnerability

Artifex Software MuJS is a lightweight JavaScript interpreter from Artifex Software, USA, which is used to embed into other software to provide script execution capabilities. An integer overflow vulnerability exists in the 'jsregcomp' function of the regexp.c file in Artifex Software MuJS. An...

7.5CVSS7.1AI score0.02804EPSS
Exploits0References1
OSV
OSVadded 2017/02/06 6:59 p.m.3 views

CVE-2017-5677

PEAR HTMLAJAX 0.3.0 through 0.5.7 has a PHP Object Injection Vulnerability in the PHP Serializer. It allows remote code execution. In one viewpoint, the root cause is an incorrect regular expression...

9.8CVSS6AI score
Exploits0References6
Prion
Prionadded 2017/02/06 6:59 p.m.18 views

Design/Logic Flaw

PEAR HTMLAJAX 0.3.0 through 0.5.7 has a PHP Object Injection Vulnerability in the PHP Serializer. It allows remote code execution. In one viewpoint, the root cause is an incorrect regular expression...

7.5CVSS9.8AI score0.04826EPSS
Exploits2References6Affected Software1
NVD
NVDadded 2017/02/06 6:59 p.m.14 views

CVE-2017-5677

PEAR HTMLAJAX 0.3.0 through 0.5.7 has a PHP Object Injection Vulnerability in the PHP Serializer. It allows remote code execution. In one viewpoint, the root cause is an incorrect regular expression...

9.8CVSS9.9AI score0.04826EPSS
Exploits2References6
Cvelist
Cvelistadded 2017/02/06 6:0 p.m.16 views

CVE-2017-5677

PEAR HTMLAJAX 0.3.0 through 0.5.7 has a PHP Object Injection Vulnerability in the PHP Serializer. It allows remote code execution. In one viewpoint, the root cause is an incorrect regular expression...

10AI score0.04826EPSS
Exploits2References6
CVE
CVEadded 2017/02/06 6:0 p.m.55 views

CVE-2017-5677

Summary: CVE-2017-5677 affects PEAR HTML_AJAX versions 0.3.0–0.5.7. The vulnerability is a PHP Object Injection in the HTML_AJAX_Serializer_PHP class, which uses unserialize() on user-controlled input. The root cause is described as an incorrect regular expression used to extract class names, all...

9.8CVSS9.8AI score0.04826EPSS
Exploits2References6Affected Software1
UbuntuCve
UbuntuCveadded 2017/02/03 3:59 p.m.23 views

CVE-2016-9108

Integer overflow in the jsregcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e allows attackers to cause a denial of service application crash via a crafted regular expression...

7.5CVSS7.2AI score0.02804EPSS
Exploits0References2
OSV
OSVadded 2017/02/03 3:59 p.m.1 views

CVE-2016-9108

Integer overflow in the jsregcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e allows attackers to cause a denial of service application crash via a crafted regular expression...

7.5CVSS5.8AI score0.02804EPSS
Exploits0References6
NVD
NVDadded 2017/02/03 3:59 p.m.15 views

CVE-2016-9108

Integer overflow in the jsregcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e allows attackers to cause a denial of service application crash via a crafted regular expression...

7.5CVSS7.3AI score0.02804EPSS
Exploits0References6
OSV
OSVadded 2017/02/03 3:59 p.m.2 views

UBUNTU-CVE-2016-9108

Integer overflow in the jsregcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e allows attackers to cause a denial of service application crash via a crafted regular expression...

7.5CVSS7.2AI score0.02804EPSS
Exploits0References3
Debian CVE
Debian CVEadded 2017/02/03 3:0 p.m.18 views

CVE-2016-9108

Integer overflow in the jsregcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e allows attackers to cause a denial of service application crash via a crafted regular expression...

7.5CVSS8.2AI score0.02804EPSS
Exploits0
Cvelist
Cvelistadded 2017/02/03 3:0 p.m.21 views

CVE-2016-9108

Integer overflow in the jsregcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e allows attackers to cause a denial of service application crash via a crafted regular expression...

7.2AI score0.02804EPSS
Exploits0References6
OSV
OSVadded 2017/01/23 9:59 p.m.24 views

CVE-2016-9379

The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file...

7.9CVSS6.6AI score
Exploits0References6
Prion
Prionadded 2017/01/23 9:59 p.m.11 views

Code injection

The marked package before 0.3.4 for Node.js allows attackers to cause a denial of service CPU consumption via unspecified vectors that trigger a "catastrophic backtracking issue for the em inline rule," aka a "regular expression denial of service ReDoS."...

7.8CVSS6.8AI score0.04298EPSS
Exploits0References5Affected Software2
Prion
Prionadded 2017/01/23 9:59 p.m.24 views

Format string

The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file...

4.6CVSS6.6AI score0.00441EPSS
Exploits0References6Affected Software1
Prion
Prionadded 2017/01/23 9:59 p.m.9 views

Design/Logic Flaw

The semver package before 4.3.2 for Node.js allows attackers to cause a denial of service CPU consumption via a long version string, aka a "regular expression denial of service ReDoS."...

7.8CVSS6.8AI score0.06435EPSS
Exploits0References3Affected Software1
Prion
Prionadded 2017/01/23 9:59 p.m.21 views

Design/Logic Flaw

The ms package before 0.7.1 for Node.js allows attackers to cause a denial of service CPU consumption via a long version string, aka a "regular expression denial of service ReDoS."...

7.8CVSS6.8AI score0.06768EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder