Lucene search
K

253 matches found

OSV
OSV
added 2025/03/06 12:0 a.m.16 views

CVE-2025-26699

An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2.20. The django.utils.text.wrap method and wordwrap template filter are subject to a potential denial-of-service attack when used with very long strings...

5CVSS7AI score0.00748EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/01/22 10:42 a.m.2 views

redis: Denial-of-service due to unbounded pattern matching in Redis

A flaw was found in Redis. This flaw allows authenticated users to trigger a denial of service by using specially crafted, long string match patterns on supported commands such as KEYS, SCAN, PSUBSCRIBE, FUNCTION LIST, COMMAND LIST, and ACL definitions. Matching of extremely long patterns may...

6.5CVSS7.4AI score0.01009EPSS
Exploits0References6
Ubuntu
Ubuntu
added 2024/12/12 4:17 p.m.20 views

USN-7153-1: PHP vulnerability

It was discovered that PHP incorrectly handled long string inputs in two database drivers. An attacker could possibly use this issue to write files in locations they would not normally have access to. CVE-2024-11236...

9.8CVSS7.2AI score0.02079EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2024/10/07 11:25 p.m.13 views

CVE-2024-31228

A flaw was found in Redis. This flaw allows authenticated users to trigger a denial of service by using specially crafted, long string match patterns on supported commands such as KEYS, SCAN, PSUBSCRIBE, FUNCTION LIST, COMMAND LIST, and ACL definitions. Matching of extremely long patterns may...

5.5CVSS5.8AI score0.01009EPSS
Exploits0References5
OSV
OSV
added 2024/10/07 8:15 p.m.4 views

UBUNTU-CVE-2024-31228

Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as KEYS, SCAN, PSUBSCRIBE, FUNCTION LIST, COMMAND LIST and ACL definitions. Matching of extremel...

6.5CVSS6.7AI score0.01009EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/10/07 7:51 p.m.28 views

CVE-2024-31228 Denial-of-service due to unbounded pattern matching in Redis

Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as KEYS, SCAN, PSUBSCRIBE, FUNCTION LIST, COMMAND LIST and ACL definitions. Matching of extremel...

5.5CVSS0.01009EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/10/07 7:51 p.m.14 views

CVE-2024-31228

Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as KEYS, SCAN, PSUBSCRIBE, FUNCTION LIST, COMMAND LIST and ACL definitions. Matching of extremel...

6.5CVSS6.1AI score0.01009EPSS
Exploits0
OSV
OSV
added 2024/10/07 7:51 p.m.46 views

CVE-2024-31228 Denial-of-service due to unbounded pattern matching in Redis

Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as KEYS, SCAN, PSUBSCRIBE, FUNCTION LIST, COMMAND LIST and ACL definitions. Matching of extremel...

5.5CVSS4.7AI score0.01009EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2024/10/07 7:51 p.m.14 views

CVE-2024-31228

Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as KEYS, SCAN, PSUBSCRIBE, FUNCTION LIST, COMMAND LIST and ACL definitions. Matching of extremel...

6.5CVSS6.5AI score0.01009EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/09/12 12:0 a.m.7 views

The vulnerability of the main function (mint.cpp) in the database management system “Red Database”, which allows a perpetrator to cause errors in the operation of the mint utility.

The vulnerability of the main function mint.cpp in the “Red Database” database management system is related to the incorrect processing of parameter I in the mint utility. Exploiting this vulnerability allows a remote attacker to send an excessively long string to the utility, causing the mint...

5.3CVSS5.5AI score
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/07/10 12:0 a.m.5 views

Django Security Vulnerabilities

Django is a set of open source web application frameworks based on the Python language from the Django Foundation. The framework includes an object-oriented mapper, view system, template system, and more. A security vulnerability exists in Django versions prior to 5.0.7 and prior to 4.2.14, which...

7.5CVSS6.6AI score0.28637EPSS
Exploits0References5
OSV
OSV
added 2024/05/03 1:15 a.m.1 views

DEBIAN-CVE-2024-34403

An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an integer overflow via a long string...

5.9CVSS5.7AI score0.01316EPSS
Exploits0References1
OSV
OSV
added 2024/05/03 1:15 a.m.6 views

AZL-43221 CVE-2024-34403 affecting package uriparser for versions less than 0.9.8-3

An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an integer overflow via a long string...

5.9CVSS5.8AI score0.01316EPSS
Exploits0References1
OSV
OSV
added 2024/05/03 1:15 a.m.3 views

UBUNTU-CVE-2024-34403

An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an integer overflow via a long string...

5.9CVSS5.8AI score0.01316EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/05/03 12:0 a.m.16 views

CVE-2024-34403

An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an integer overflow via a long string...

7AI score0.01316EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.2 views

uriparser 安全漏洞

Uriparser is a strictly Rfc 3986 compliant Uri parsing and processing library written in C89. A security vulnerability exists in uriparser version 0.9.7, which stems from an integer overflow via a long string...

5.9CVSS5.7AI score0.01316EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/01/25 12:0 a.m.4 views

Ezhometech EzServer Security Vulnerability

Ezhometech EzServer is an IPTV Interactive Internet Protocol Television streaming server from Ezhometech. A security vulnerability exists in Ezhometech EzServer version 6.4.017, which can be exploited to cause a denial of service via a long string...

7.5CVSS6.6AI score0.03574EPSS
Exploits1References2
CVE
CVE
added 2024/01/25 12:0 a.m.49 views

CVE-2024-23985

EzServer 6.4.017 is affected by CVE-2024-23985, enabling a denial-of-service (daemon crash) via extremely long input strings (e.g., RNTO). CVSSv3.1: 7.5 (HIGH) with network access, no user interaction. Public references describe input-length-related DoS; Red Hat and other sources confirm the issu...

7.5CVSS7.4AI score0.03574EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2023/09/11 12:0 a.m.26 views

Tenda AC6 Denial of Service Vulnerability

The Tenda AC6 is a wireless router from the Chinese company Tenda. A denial of service vulnerability exists in the Tenda AC6. The vulnerability stems from a failure to properly handle incoming error messages and can be exploited to cause a denial of service device crash via a long string in the...

4.9CVSS6.5AI score0.00724EPSS
Exploits1References1
Snyk
Snyk
added 2023/06/25 7:36 a.m.4 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS in the strbufcat function via a long string, which allows context-dependent attackers. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and...

7.5CVSS7.1AI score0.01374EPSS
Exploits0References2
Rows per page
Query Builder