63 matches found
EUVD-2017-3817
Malware in sbrugna...
EUVD-2017-11531
Malware in sbrugna...
EUVD-2021-1989
Malware in sbrugna...
EUVD-2018-0918
Malware in sbrugna...
EUVD-2018-1095
Malware in sbrugna...
EUVD-2019-10504
Malware in sbrugna...
EUVD-2021-19542
Malware in sbrugna...
EUVD-2020-20219
Malware in sbrugna...
EUVD-2021-7091
Malicious code in bioql PyPI...
EUVD-2023-24438
Malicious code in bioql PyPI...
CVE-2025-57810 jsPDF Parsing of Corrupt PNGs Leads to Potential Denial of Service (DoS)
jsPDF is a library to generate PDFs in JavaScript. Prior to 3.0.2, user control of the first argument of the addImage method results in CPU utilization and denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful PNG...
Ruby SAML DOS vulnerability with large SAML response
Summary A denial-of-service vulnerability exists in ruby-saml even with the messagemaxbytesize setting configured. The vulnerability occurs because the SAML response is validated for Base64 format prior to checking the message size, leading to potential resource exhaustion. Details ruby-saml...
CVE-2025-29907
CVE-2025-29907 — jsPDF DoS via addImage argument : In jsPDF, prior to 3.0.1, user control of the first argument to addImage can trigger high CPU utilization and denial of service when unsanitised image URLs/data-urls are passed. The vulnerability also affects html and addSvgAsImage in relevant co...
Regular Expression Denial-of-Service (ReDoS)
@octokit/endpoint is vulnerable to Regular Expression Denial-of-Service ReDoS. The vulnerability is due to inefficient regex processing due to the endpoint.parseoptions function allowing crafted input to trigger excessive backtracking, leading to high CPU utilization and application hang...
CVE-2025-25285
@octokit/endpoint turns REST API endpoints into generic request options. Starting in version 4.1.0 and prior to version 10.1.3, by crafting specific options parameters, the endpoint.parseoptions call can be triggered, leading to a regular expression denial-of-service ReDoS attack. This causes the...
CVE-2025-25285 @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
@octokit/endpoint turns REST API endpoints into generic request options. Starting in version 4.1.0 and prior to version 10.1.3, by crafting specific options parameters, the endpoint.parseoptions call can be triggered, leading to a regular expression denial-of-service ReDoS attack. This causes the...
CVE-2025-25285 @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
@octokit/endpoint turns REST API endpoints into generic request options. Starting in version 4.1.0 and prior to version 10.1.3, by crafting specific options parameters, the endpoint.parseoptions call can be triggered, leading to a regular expression denial-of-service ReDoS attack. This causes the...
@octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
Summary By crafting specific options parameters, the endpoint.parseoptions call can be triggered, leading to a regular expression denial-of-service ReDoS attack. This causes the program to hang and results in high CPU utilization. Details The issue occurs in the parse function within the parse.ts...
CVE-2024-20314
A vulnerability in the IPv4 Software-Defined Access SD-Access fabric edge node feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization and stop all traffic processing, resulting in a denial of service DoS condition on an affected device. This...
CVE-2024-20303
A vulnerability in the multicast DNS mDNS gateway feature of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition. This vulnerability is due to improper management of mDNS client entries. An attacker...