372 matches found
CVE-2023-29423
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Cancel order request / Return order / Repeat Order / Reorder for WooCommerce plugin <= 1.3.2 versions...
PT-2023-22250 · WordPress · Pi Websolution Cancel Order Request / Return Order / Repeat Order / Reorder For Woocommerce
Name of the Vulnerable Software and Affected Versions: PI Websolution Cancel order request / Return order / Repeat Order / Reorder for WooCommerce plugin versions prior to 1.3.3. Description: The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that affects users with admin+...
PT-2023-20723 · Systemui · Systemui
Name of the Vulnerable Software and Affected Versions: SystemUI affected versions not specified Description: The issue is related to the SystemUI module, which has a problem with repeated app restarts due to improper parameters. This could potentially affect confidentiality. Recommendations: At t...
SUSE CVE-2008-0172
The getrepeattype function in basicregexcreator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression...
SUSE CVE-2012-2385
The terminal dispatcher in mosh before 1.2.1 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value...
SUSE CVE-2012-2738
The VteTerminal in gnome-terminal vte before 0.32.2 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value...
SUSE CVE-2018-1000810
The Rust Programming Language Standard Library version 1.29.0, 1.28.0, 1.27.2, 1.27.1, 127.0, 126.2, 126.1, 126.0 contains a CWE-680: Integer Overflow to Buffer Overflow vulnerability in standard library that can result in buffer overflow. This attack appears to be exploitable via str::repeat,...
SUSE CVE-2022-3488
Processing of repeated responses to the same query, where both responses contain ECS pseudo-options, but where the first is broken in some way, can cause BIND to exit with an assertion failure. 'Broken' in this context is anything that would cause the resolver to reject the query response, such a...
Regular Expression Denial of Service (ReDoS)
Overview: zxcvbn is a realistic password strength estimation. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the repeatmatch functionality, due to the usage of an insecure regex in lazyanchored variable. PoC js const zxcvbn = require"zxcvbn";...
jaguar-etype.nl Cross Site Scripting vulnerability OBB-3067160
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PT-2022-36780 · Git +1 · Clamav
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Memcpy-param-overlap, with a crash state involving repeat and p ere. No further details are provided...
walkerbooks.com.au Cross Site Scripting vulnerability OBB-2922918
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Paying Ransomware Paints Bigger Bullseye on Target’s Back
Paying ransomware attackers doesn’t pay off and often paints a bigger target on a victim’s back. Eighty percent of ransomware victims that paid their attackers were hit a second time by the malware scourge. New ransomware numbers come from a Cybereason’s April ransomware survey of 1,456...
OESA-2022-1648 vte security update
VTE is a terminal emulator widget for use with GTK+ 2.0. Security Fixes: The VteTerminal in gnome-terminal vte before 0.32.2 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value. CVE-2012-2738...
CVE-2022-27887
Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/vod/data.html via the repeat parameter...
Maccms Cross-Site Scripting Vulnerability
Maccms is a PHP-based film and television content management system (CMS). v10 version of Maccms is vulnerable to a cross-site scripting vulnerability, which originates from the lack of a repeat parameter in /admin.php/admin/vod/data.html to check the data provided by the user and the output data...
Stack overflow
Tenda AX3 v16.03.12.10CN was discovered to contain a stack overflow in the function fromSetWirelessRepeat. This vulnerability allows attackers to cause a Denial of Service (DoS) via the wpapskcrypto parameter...
CVE-2022-24149
Tenda AX3 v16.03.12.10CN was discovered to contain a stack overflow in the function fromSetWirelessRepeat. This vulnerability allows attackers to cause a Denial of Service (DoS) via the wpapskcrypto parameter...
OSV-2022-64 Heap-buffer-overflow in repeat
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43870 Crash type: Heap-buffer-overflow WRITE Crash state: repeat pere cliregcompreal...