8220 matches found
Forms 输入验证错误漏洞
caolan forms is open source a simple program for creating, parsing and validating forms. An input validation error vulnerability exists in Forms that originates. An attacker could use this vulnerability to launch a Regular Expression Denial of Service ReDoS attack during email validation. The...
CVE-2021-23388
The CVE-2021-23388 entry concerns the caolan/forms library and its email validation regex. Affected versions are before 1.2.1 and 1.3.0 through 1.3.2, where an insecure regular expression can cause a Regular Expression Denial of Service (ReDoS), potentially consuming significant CPU and slowing o...
CVE-2021-23388 Regular Expression Denial of Service (ReDoS)
The package forms before 1.2.1, from 1.3.0 and before 1.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via email validation...
justy-entity (>=1.0.0 <=1.3.7) potentially affected by CVE-2021-23388 via forms (=1.1.4)
forms NPM version =1.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on forms and may be impacted: - justy-entity =1.0.0, =1.3.7 Source cves: CVE-2021-23388 Source advisory: SNYK:JS-FORMS-1296389...
Regular Expression Denial of Service (ReDoS)
Overview forms is a libary that allows you to create, parse, and validate forms Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via email validation. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessib...
CVE-2021-24282
In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the various AJAX actions in the plugin to do a variety of things. For example, an attacker could use wpcf7rresetsettings to reset the plugin’s settings, wpcf7raddaction to...
The vulnerability of the XML syntax analyzer in the Apache PDFBox Java library allows attackers to perform XXE attacks.
The vulnerability of the XML syntax analyzer in the Apache PDFBox Java library is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability allows a malicious actor to perform XXE attacks using a specially created XFDF file...
Foxit Reader Code Execution Vulnerability (CNVD-2021-38094)
Foxit Reader old name: Foxit PDF Reader is a set of software used to read PDF format files, by Fujian Foxit Software developed by Foxit Reader is a set of free to use the software, the operating system is mainly based on Microsoft Windows, and as long as there is a Win32 implementation of the...
Foxit Reader XFA Form Reuse After Release Remote Code Execution Vulnerability
Foxit Reader is a Chinese Foxit Foxit company's a PDF document reader. A security vulnerability exists in Foxit Reader XFA Forms. The vulnerability stems from the failure to verify the existence of an object before performing an operation on it. An attacker can exploit this vulnerability by...
Foxit Reader Code Execution Vulnerability (CNVD-2021-38097)
Foxit Reader old name: Foxit PDF Reader is a set of software used to read PDF format files, by Fujian Foxit Software developed by Foxit Reader is a set of free to use the software, the operating system is mainly based on Microsoft Windows, and as long as there is a Win32 implementation of the...
Foxit Reader Code Execution Vulnerability (CNVD-2021-38099)
Foxit Reader old name: Foxit PDF Reader is a set of software used to read PDF format files, by Fujian Foxit Software developed by Foxit Reader is a set of free to use the software, the operating system is mainly based on Microsoft Windows, and as long as there is a Win32 implementation of the...
CVE-2021-31459
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2021-31459
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2021-31455
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2021-31455
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2021-31452
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2021-31450
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2021-31453
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2021-31453
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2021-31452
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...