EUVD-2026-21236

A weakness has been identified in Zod jsVideoUrlParser up to 0.5.1. The impacted element is the function getTime in the library lib/util.js. This manipulation of the argument timestamp causes inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit ha...

CVE-2025-57285

codeceptjs 3.7.3 contains a command injection vulnerability in the emptyFolder function lib/utils.js. The execSync command directly concatenates the user-controlled directoryPath parameter without sanitization or escaping, allowing attackers to execute arbitrary commands...

CLSA-2021-1632262065 Update of nscd, glibc-headers, glibc, glibc-utils, glibc-static, glibc-static, glibc-devel, glibc-devel, glibc, glibc-common

More precise DNS name checks accepting dash-.example.com, among other things...

Snyk theme-core command injection vulnerability

Snyk theme-core is a plug-in that provides nmp packages for an application from Snyk USA. theme-core suffers from a command injection vulnerability that stems from are vulnerable to command injection via the lib utils.js file...

Vulnerabilities of the Red Hat Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the glibc-utils-2.2.5 package of the Red Hat Linux operating system may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...