Lucene search
+L

236 matches found

SUSE CVE
SUSE CVE
added 2024/05/14 3:34 a.m.10 views

SUSE CVE-2023-52655

In the Linux kernel, the following vulnerability has been resolved: usb: aqc111: check packet for fixup for true limit If a device sends a packet that is inbetween 0 and sizeofu64 the value passed to skbtrim as length will wrap around ending up as some very large value. The driver will then proce...

6.6CVSS6.2AI score0.00274EPSS
Exploits0References21
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.22 views

RHEL 8 : nodejs-trim-newlines (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-trim-newlines: ReDoS in .end method CVE-2021-33623 Note that Nessus has not tested for this issue but has...

7.6AI score0.02901EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/04/04 12:0 a.m.12 views

The vulnerability of the trim() function in the trim package allows a hacker to cause a service failure.

The vulnerability of the trim function in the trim package is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

7.8CVSS7.5AI score0.03732EPSS
Exploits1References3Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/31 4:13 p.m.44 views

Security Bulletin: Vulnerabilities in Node.js, OpenSSL, trim, and Chalk ansi-regex module might affect IBM Storage Defender – Data Protect

Summary IBM Storage Defender – Data Protect is vulnerable and that can result in runtime errors, denial of service attacks, remote code execution, remote access authentication bypass, and the ability to obtain sensitive information. The vulnerabilities have been addressed. Vulnerability Details...

7.8CVSS8.5AI score0.16195EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 4:50 p.m.38 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-33623 DESCRIPTION: Node.js trim-newlines module is vulnerable to a denial of service, caused by a regular expression denial-of-service ReDoS flaw in the .end method. By sending a...

7.5CVSS7.2AI score0.02901EPSS
Exploits0Affected Software1
Laminas
Laminas
added 2023/04/17 5:0 p.m.50 views

HTTP Multiline Header Termination Vulnerability

The package laminas/laminas-diactoros Diactoros is a PSR-7 HTTP Message and PSR-17 HTTP Message Factory implementation, providing HTTP request and response message representations both for making HTTP client requests and responding to HTTP requests server-side. Affected versions of Diactoros...

7.5CVSS6.9AI score0.00965EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2023/04/06 12:0 a.m.37 views

Ubuntu: Security Advisory (USN-5999-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.02901EPSS
Exploits0References2
OSV
OSV
added 2023/04/05 10:22 a.m.5 views

USN-5999-1 node-trim-newlines vulnerability

It was discovered that trim-newlines incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. CVE-2021-33623...

7.5CVSS7.2AI score0.02901EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2023/04/05 10:22 a.m.62 views

USN-5999-1: trim-newlines vulnerability

It was discovered that trim-newlines incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. CVE-2021-33623...

7.5CVSS7.4AI score0.02901EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/28 3:27 a.m.3 views

SUSE CVE-2023-26606

In the Linux kernel 6.0.8, there is a use-after-free in ntfstrimfs in fs/ntfs3/bitmap.c...

7.8CVSS6.4AI score0.00393EPSS
Exploits1References3
OSV
OSV
added 2023/02/26 11:15 p.m.1 views

DEBIAN-CVE-2023-26606

In the Linux kernel 6.0.8, there is a use-after-free in ntfstrimfs in fs/ntfs3/bitmap.c...

7.8CVSS6.4AI score0.00393EPSS
Exploits1References1
OSV
OSV
added 2023/02/26 11:15 p.m.4 views

UBUNTU-CVE-2023-26606

In the Linux kernel 6.0.8, there is a use-after-free in ntfstrimfs in fs/ntfs3/bitmap.c...

7.8CVSS6.7AI score0.00393EPSS
Exploits1References11
SUSE CVE
SUSE CVE
added 2023/02/23 3:31 a.m.3 views

SUSE CVE-2020-7753

All versions of package trim are vulnerable to Regular Expression Denial of Service ReDoS via trim...

7.5CVSS8.7AI score0.03732EPSS
Exploits1References12
SUSE CVE
SUSE CVE
added 2023/02/15 5:58 a.m.4 views

SUSE CVE-2010-2190

The 1 trim, 2 ltrim, 3 rtrim, and 4 substrreplace functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information memory contents by causing a userspace interruption of an internal function, related to the call time pass by reference...

5CVSS6.7AI score0.01896EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:8 a.m.4 views

SUSE CVE-2016-1238

1 cpan/Archive-Tar/bin/ptar, 2 cpan/Archive-Tar/bin/ptardiff, 3 cpan/Archive-Tar/bin/ptargrep, 4 cpan/CPAN/scripts/cpan, 5 cpan/Digest-SHA/shasum, 6 cpan/Encode/bin/enc2xs, 7 cpan/Encode/bin/encguess, 8 cpan/Encode/bin/piconv, 9 cpan/Encode/bin/ucmlint, 10 cpan/Encode/bin/unidump, 11...

6.7CVSS7.1AI score0.00779EPSS
Exploits0References38
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.3 views

SUSE CVE-2018-14447

trimwhitespace in lexer.l in libConfuse v3.2.1 has an out-of-bounds read...

3.3CVSS7AI score0.01762EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.3 views

SUSE CVE-2018-14722

An issue was discovered in evaluateautomountpoint in btrfsmaintenance-functions in btrfsmaintenance through 0.4.1. Code execution as root can occur via a specially crafted filesystem label if btrfs-scrub,balance,trim are set to auto in /etc/sysconfig/btrfsmaintenance this is not the default, thou...

6.7CVSS7.3AI score0.03005EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2023/01/27 12:5 p.m.80 views

CVE-2022-25927

A flaw was found in ua-parser-js. This issue could allow a malicious user to trigger a regular expression denial of service ReDoS via the trim function...

7.5CVSS3.8AI score0.01725EPSS
Exploits2References3
OSV
OSV
added 2023/01/26 9:15 p.m.2 views

DEBIAN-CVE-2022-25927

Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service ReDoS via the trim function...

7.5CVSS6.6AI score0.01725EPSS
Exploits2References1
Prion
Prion
added 2023/01/26 9:15 p.m.29 views

Design/Logic Flaw

Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service ReDoS via the trim function...

5CVSS7.4AI score0.01725EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder