70 matches found
Regular Expression Denial Of Service (ReDoS)
activeattr is vulnerable to regular expression denial of service. An insecure regular expression used in ActiveAttr::Typecasting::BooleanTypecaster causes a very long processing time, allowing an attacker to cause a denial of service condition using a malicious input...
Regular Expression Denial Of Service (ReDoS)
ssri is vulnerable to regular expression denial of service. An attacker is able to crash the application by submitting a malicious string when the Integrity metadata is using the strict option. This results in a long processing time which would lead to the application crash...
WAGO PFC100/200 Web-Based Management (WBM) Authentication Timing Information Disclosure Vulnerability
Summary: An exploitable timing discrepancy vulnerability exists in the authentication functionality of the Web-Based Management (WBM) web application on WAGO PFC100/200 controllers. The WBM application makes use of the PHP crypt function which can be exploited to disclose hashed user credentials...
EulerOS 2.0 SP8 : python-pillow (EulerOS-SA-2020-1026)
According to the version of the python-pillow packages installed, the EulerOS installation on the remote host is affected by the following vulnerability: An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very lar...
GHSA-J7MJ-748X-7P78 DOS attack in Pillow when processing specially crafted image files
An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image...
Code injection
An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image...
Denial Of Service (DoS) CPU Consumption
mingw32-libxml2 is vulnerable to denial of service. The attack exists because it uses a predictable hashing function, which allows intentional collisions, and does not prevent an attacker from inputting a malicious message to an XML service, resulting in longer processing time, which could lead to a denial of...
Denial Of Service (DoS)
passwordstrength is vulnerable to a denial of service attack. There is no limit on the length of usernames or passwords, which allows long strings to be entered that result in long periods of processing time...
Regular Expression Denial Of Service (ReDoS)
mime is vulnerable to regular expression denial of service (ReDoS) attacks. The library does not restrict the type of characters that it takes in, causing the application to take a long time to process. A malicious user can use this behaviour to cause a ReDoS...
Mandriva Linux Security Advisory : pidgin (MDVSA-2010:041)
Multiple security vulnerabilities have been identified and fixed in pidgin: Certain malformed SLP messages can trigger a crash because the MSN protocol plugin fails to check that all pieces of the message are set correctly (CVE-2010-0277). If a user in a multi-user chat room has a nickname containi...