Lucene search
K

33 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.5 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : Vim vulnerabilities (USN-8171-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8171-1 advisory. Nathan Mills discovered that Vim could crash when parsing certain regular expressions...

8.2CVSS6.6AI score0.00834EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/01 5:1 a.m.2 views

CVE-2026-30314

Ridvay Code's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on fragile regular expressions to parse command structures; while it attempts to intercept dangerous operations...

9.8CVSS6.3AI score0.01201EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.5 views

PT-2026-29253

Ridvay Code's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on fragile regular expressions to parse command structures; while it attempts to intercept dangerous operations...

6.3AI score0.01659EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/30 12:0 a.m.2 views

CVE-2026-30307

Roo Code's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on fragile regular expressions to parse command structures; while it attempts to intercept dangerous operations, i...

6.3AI score0.01145EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/27 1:32 p.m.22 views

CVE-2025-10990 Rexml: rexml: denial of service via inefficient regex parsing

A flaw was found in REXML. A remote attacker could exploit inefficient regular expression regex parsing when processing hex numeric character references &x...; in XML documents. This could lead to a Regular Expression Denial of Service ReDoS, impacting the availability of the affected component...

7.5CVSS0.00468EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/02/27 1:32 p.m.2 views

CVE-2025-10990 Rexml: rexml: denial of service via inefficient regex parsing

A flaw was found in REXML. A remote attacker could exploit inefficient regular expression regex parsing when processing hex numeric character references &x...; in XML documents. This could lead to a Regular Expression Denial of Service ReDoS, impacting the availability of the affected component...

7.5CVSS6.8AI score0.00468EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2026/01/22 12:0 a.m.346 views

📄 libxml2 2.9.14 Remote Code Execution

libxml2 version 2.9.14 2022 proof of concept exploit for a heap buffer overflow in the xmlRegEpxFromParse function in xmlregexp.c. This version from the author is in the form of a Metasploit module...

7.5CVSS5.8AI score0.01364EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2025/12/02 10:31 p.m.8 views

CVE-2025-66305

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a Denial of Service DoS vulnerability was identified in the "Languages" submenu of the Grav admin configuration panel /admin/config/system. Specifically, the Supported parameter fails to properly validate user input. If a malformed value ...

6.9CVSS6.1AI score0.00337EPSS
Exploits1References1
OSV
OSV
added 2025/11/02 12:18 p.m.3 views

SUSE-SU-2025:3910-1 Security update for poppler

This update for poppler fixes the following issues: - CVE-2025-43718: fixed uncontrolled recursion in the regex-based metadata parser when processing specially crafted PDF files bsc1250908 - CVE-2025-52885: improved pointer handling that could have led to dangling pointers when the vector is...

8.6CVSS7.3AI score0.00159EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/10/08 7:24 p.m.7 views

rexml: REXML: Denial of Service via inefficient regex parsing

A flaw was found in REXML. A remote attacker could exploit inefficient regular expression regex parsing when processing hex numeric character references &x...; in XML documents. This could lead to a Regular Expression Denial of Service ReDoS, impacting the availability of the affected component...

7.5CVSS7.3AI score0.00468EPSS
Exploits0References7
OSV
OSV
added 2025/09/08 10:7 p.m.5 views

CVE-2025-58451 Cattown Vulnerable to Inefficient Regular Expression Complexity and Uncontrolled Resource Consumption

Cattown is a JavaScript markdown parser. Versions prior to 1.0.2 used regular expressions with inefficient, potentially exponential worst-case complexity. This could cause excessive CPU usage due to excessive backtracking on crafted inputs. In turn, the excessive CPU usage could lead to resource...

8.7CVSS6.3AI score0.00312EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/04/29 12:0 a.m.11 views

Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2025-057)

The version of docker installed on the remote host is prior to 20.10.17-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-057 advisory. Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could...

7.5CVSS7AI score0.01544EPSS
Exploits0References6
OSV
OSV
added 2025/04/17 12:51 p.m.4 views

USN-7442-1 ruby2.3, ruby2.5 vulnerabilities

It was discovered that the Ruby CGI gem incorrectly handled parsing certain cookies. A remote attacker could possibly use this issue to consume resources, leading to a denial of service. CVE-2025-27219 It was discovered that the Ruby CGI gem incorrectly handled parsing certain regular expressions...

8.7CVSS6.7AI score0.01429EPSS
Exploits0References5
OSV
OSV
added 2025/04/07 1:55 p.m.2 views

USN-7418-1 ruby2.7, ruby3.0, ruby3.2, ruby3.3 vulnerabilities

It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value using REXML gem. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service. This issue only affected in Ubuntu 22.04 LTS, Ubuntu 24.04...

7.5CVSS6.7AI score0.02064EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2024/04/30 3:5 p.m.2 views

golang: regexp/syntax: limit memory used by parsing regexps

A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as...

7.5CVSS6.6AI score0.01339EPSS
Exploits0References6
Veracode
Veracode
added 2023/10/06 8:27 a.m.23 views

Regular Expression Denial Of Service (ReDoS)

zod is vulnerable to Denial of Service DoS. The vulnerability is due to an inefficient regex expression that parses email addresses. An attacker can submit long email addresses, which will cause the Zod application to crash or become unresponsive...

7.5CVSS6.8AI score0.00764EPSS
Exploits1References6Affected Software1
RedHat Linux
RedHat Linux
added 2023/05/16 8:57 a.m.2 views

golang: regexp/syntax: limit memory used by parsing regexps

A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as...

7.5CVSS6.6AI score0.01339EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.46 views

Moderate: golang-github-cpuguy83-md2man security, bug fix, and enhancement update

go-md2man converts markdown into roff man pages. Security Fixes: golang: regexp/syntax: limit memory used by parsing regexps CVE-2022-41715 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed...

7.5CVSS7.8AI score0.01339EPSS
Exploits0References4
OSV
OSV
added 2023/05/09 12:0 a.m.31 views

ALSA-2023:2357 Moderate: git-lfs security and bug fix update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 golang:...

7.5CVSS8AI score0.05623EPSS
Exploits4References22
RedHat Linux
RedHat Linux
added 2023/03/15 7:58 p.m.3 views

golang: regexp/syntax: limit memory used by parsing regexps

A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as...

7.5CVSS6.6AI score0.01339EPSS
Exploits0References6
Rows per page
Query Builder