CVE-2019-25592 PHPRunner 10.1 Denial of Service via Dashboard Name Field

PHPRunner 10.1 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the dashboard name field. Attackers can paste a buffer of 10000 characters into the Name field during dashboard creation to trigger an...

Linux Distros Unpatched Vulnerability : CVE-2019-1010266

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack...

D-Link DIR-816 A2 缓冲区错误漏洞

The D-Link DIR-816 is a wireless AC750 dual-band router. A stack buffer overflow vulnerability exists in the handler function of /goform/addassignment in the D-Link DIR-816 A2 version 1.10 B05. An attacker can exploit the vulnerability by entering long text in the sip and smac fields to cause the...

Regular Expression Denial of Service (ReDoS)

Overview url-regex is a package with regular expression for matching URLs Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS. An attacker providing a very long string in String.test can cause a Denial of Service. PoC by Nick Baugh For url-regex package:...