Lucene search

6944 matches found

Amazon
added 2025/01/24 12:0 a.m. · 4 views

Medium: runfinch-finch

Issue Overview: An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service. CVE-2024-45338 golang-jwt is a Go implementation of JSON Web Tokens. Unclear...

CVSS 5.3 · AI score 6.8 · EPSS 0.00856
Exploits: 0

Veracode
added 2025/01/22 7:11 a.m. · 5 views

Regular Expression Denial Of Service (ReDoS)

Parse-uri is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to inefficient regular expression processing, which allows attackers to exploit crafted URLs and cause a denial of service...

CVSS 6.5 · AI score 6.7 · EPSS 0.00507
Exploits: 0 · References: 3 · Affected Software: 2

Positive Technologies
added 2025/01/17 12:0 a.m. · 2 views

PT-2025-2193 · Newtec · Newtec Ntc2299 +2

Name of the Vulnerable Software and Affected Versions: Newtec NTC2218, NTC2250, NTC2299 versions 1.0.1.1 through 2.2.6.19 Description: A buffer overflow issue in the swdownload binary allows attackers to execute arbitrary code. The parse INFO function uses an unrestricted sscanf to read a string ...

CVSS 9.5 · AI score 8.2 · EPSS 0.0051
Exploits: 0 · References: 7

Github Security Blog
added 2025/01/16 12:31 a.m. · 6 views

parse-uri Regular expression Denial of Service (ReDoS)

An issue in parse-uri v1.0.9 allows attackers to cause a Regular expression Denial of Service (ReDoS) via a crafted URL. PoC js async function exploit const parseuri = require"parse-uri"; // This input is designed to cause excessive backtracking in the regex const craftedInput = 'http://example.com...

CVSS 6.5 · AI score 6.7 · EPSS 0.00507
Exploits: 0 · References: 4 · Affected Software: 2

OSV
added 2025/01/16 12:31 a.m. · 3 views

GHSA-6FX8-H7JM-663J parse-uri Regular expression Denial of Service (ReDoS)

An issue in parse-uri v1.0.9 allows attackers to cause a Regular expression Denial of Service (ReDoS) via a crafted URL. PoC js async function exploit const parseuri = require"parse-uri"; // This input is designed to cause excessive backtracking in the regex const craftedInput = 'http://example.com...

CVSS 6.9 · AI score 6.7 · EPSS 0.00507
Exploits: 0 · References: 3

OSV
added 2025/01/15 10:15 p.m. · 3 views

CVE-2024-36751

An issue in parse-uri v1.0.9 allows attackers to cause a Regular expression Denial of Service (ReDoS) via a crafted URL...

CVSS 6.5 · AI score 5.8 · EPSS 0.00507
Exploits: 0 · References: 2

NVD
added 2025/01/15 10:15 p.m. · 12 views

CVE-2024-36751

An issue in parse-uri v1.0.9 allows attackers to cause a Regular expression Denial of Service (ReDoS) via a crafted URL...

CVSS 6.5 · EPSS 0.00507
Exploits: 0 · References: 2

OSV
added 2025/01/15 1:15 p.m. · 2 views

DEBIAN-CVE-2024-57887

In the Linux kernel, the following vulnerability has been resolved: drm: adv7511: Fix use-after-free in adv7533_attach_dsi. The host_node pointer was assigned and freed in adv7533_parse_dt, and later, adv7533_attach_dsi uses the same. Fix this use-after-free issue by dropping of_node_put in adv7533_parse_dt...

CVSS 7.8 · AI score 6.2 · EPSS 0.00205
Exploits: 0 · References: 1

OSV
added 2025/01/15 1:15 p.m. · 2 views

UBUNTU-CVE-2024-57887

In the Linux kernel, the following vulnerability has been resolved: drm: adv7511: Fix use-after-free in adv7533_attach_dsi. The host_node pointer was assigned and freed in adv7533_parse_dt, and later, adv7533_attach_dsi uses the same. Fix this use-after-free issue by dropping of_node_put in adv7533_parse_dt...

CVSS 7.8 · AI score 6.5 · EPSS 0.00205
Exploits: 0 · References: 22

Cvelist
added 2025/01/15 12:0 a.m. · 13 views

CVE-2024-36751

An issue in parse-uri v1.0.9 allows attackers to cause a Regular expression Denial of Service (ReDoS) via a crafted URL...

EPSS 0.00507
Exploits: 0 · References: 2

CNNVD
added 2025/01/15 12:0 a.m. · 4 views

parse-uri security vulnerability

parse-uri is a lightweight module for parsing URIs from the individual developers at Kiko Beats. A security vulnerability exists in parse-uri v1.0.9. An attacker can exploit this vulnerability to trigger a regular expression denial of service via a crafted URL...

CVSS 6.5 · AI score 6.4 · EPSS 0.00507
Exploits: 0 · References: 1

CVE
added 2025/01/15 12:0 a.m. · 61 views

CVE-2024-36751

CVE-2024-36751 affects parse-uri v1.0.9. The issue is a Regular Expression Denial of Service (ReDoS) triggered by crafted URLs due to inefficient regex processing. Reported exploits and PoC exist (GHSA advisory). Impact is Denial of Service with availability risk; CVSSv3.1 base score 6.5. No fix ...

CVSS 6.5 · AI score 6.4 · EPSS 0.00507
Exploits: 0 · References: 2

Vulnrichment
added 2025/01/15 12:0 a.m. · 4 views

CVE-2024-36751

An issue in parse-uri v1.0.9 allows attackers to cause a Regular expression Denial of Service (ReDoS) via a crafted URL...

AI score 6.3 · EPSS 0.00507
Exploits: 0 · References: 2

Positive Technologies
added 2025/01/15 12:0 a.m. · 3 views

PT-2025-2456 · Parse-Uri · Parse-Uri

Name of the Vulnerable Software and Affected Versions: parse-uri version 1.0.9 Description: The issue allows attackers to cause a Regular expression Denial of Service (ReDoS) via a crafted URL. This can be achieved by manipulating the URL in a way that triggers a denial of service. Recommendations:...

CVSS 6.9 · AI score 6.8 · EPSS 0.00507
Exploits: 0 · References: 7

Tenable Nessus
added 2025/01/14 12:0 a.m. · 25 views

EulerOS 2.0 SP9 : xmlrpc-c (EulerOS-SA-2025-1067)

According to the versions of the xmlrpc-c package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer. (CVE-2024-45490) An issue was...

CVSS 9.8 · AI score 7.1 · EPSS 0.01686
Exploits: 0 · References: 3

OSV
added 2025/01/10 1:15 p.m. · 0 views

DEBIAN-CVE-2024-57822

In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal...

CVSS 5.5 · AI score 5.1 · EPSS 0.00284
Exploits: 1 · References: 1

OSV
added 2025/01/10 1:15 p.m. · 0 views

UBUNTU-CVE-2024-57822

In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal...

CVSS 5.5 · AI score 6 · EPSS 0.00284
Exploits: 1 · References: 5

OSV
added 2025/01/09 4:31 p.m. · 5 views

USN-7197-1 golang-golang-x-net vulnerability

Guido Vranken discovered that Go Networking handled input to the Parse functions inefficiently. An attacker could possibly use this issue to cause denial of service. This update addresses the issue in the golang-golang-x-net and golang-golang-x-net-dev packages, as well as the library vendored...

CVSS 5.3 · AI score 6.7 · EPSS 0.00856
Exploits: 0 · References: 2

SUSE CVE
added 2025/01/07 3:48 a.m. · 1 views

SUSE CVE-2024-56763

In the Linux kernel, the following vulnerability has been resolved: tracing: Prevent bad count for tracing_cpumask_write. If a large count is provided, it will trigger a warning in bitmap_parse_user. Also check zero for it...

CVSS 5.5 · AI score 7.7 · EPSS 0.00203
Exploits: 0 · References: 14

OSV
added 2025/01/06 5:15 p.m. · 1 views

DEBIAN-CVE-2024-56763

In the Linux kernel, the following vulnerability has been resolved: tracing: Prevent bad count for tracing_cpumask_write. If a large count is provided, it will trigger a warning in bitmap_parse_user. Also check zero for it...

CVSS 5.5 · AI score 5.7 · EPSS 0.00203
Exploits: 0 · References: 1