Exploit for Code Injection in Apache Commons_Text

CVE-2022-42889 Text4Shell Report Apache Commons Text CVE-2...

Linux Distros Unpatched Vulnerability : CVE-2025-27789

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and 8.0.0-alpha.17 to compile regular expression named...

Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups

Impact When using Babel to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some specific replacement pattern strings i.e. the second argument passed to .replace. Your generated code is vulnerable if all the...

GHSA-HW62-58PR-7WC5 DOM Expressions has a Cross-Site Scripting (XSS) vulnerability due to improper use of string.replace

!NOTE This advisory was originally emailed to [email protected] by @nsysean. To sum it up, the use of javascript's .replace opens up to potential XSS vulnerabilities with the special replacement patterns beginning with $. Particularly, when the attributes of Meta tag from solid-meta are...

security flaw

The findreplen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method...