Exploit for Inefficient Regular Expression Complexity in Ua-Parser-Js_Project Ua-Parser-Js

No d...

DoS (Denial of Service) ua-parser-js Dependency in Bitbucket Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 9.4.12, 10.0.1, and 10.1.1 of Bitbucket Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated...

DoS (Denial of Service) ua-parser-js Dependency in Jira Service Management Data Center and Server

This High severity DoS Denial of Service vulnerability known as CVE-2022-25927 was introduced in versions 5.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, and 11.0.0 of Jira Service Management Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Sco...

EUVD-2021-0967

Malware in sbrugna...

EUVD-2021-0991

Malware in sbrugna...

EUVD-2023-0457

Malicious code in bioql PyPI...

EUVD-2022-0786

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-7793

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service ReDoS in multiple regexes see linked commit for more info...

Linux Distros Unpatched Vulnerability : CVE-2021-27292

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ua-parser-js = 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header,...

[R1] Stand-alone Security Patches Available for Tenable Security Center versions 6.4.0, 6.4.5 and 6.5.1: SC-202505.1 + SC-202506.1

R1 Stand-alone Security Patches Available for Tenable Security Center versions 6.4.0, 6.4.5 and 6.5.1: SC-202505.1 + SC-202506.1 Arnie Cabral Mon, 06/30/2025 - 11:41 Security Center leverages third-party software to help provide underlying functionality. Several of the third-party components...

[R2] Security Center Version 6.6.0 Fixes Multiple Vulnerabilities

R2 Security Center Version 6.6.0 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 05/06/2025 - 09:44 Security Center leverages third-party software to help provide underlying functionality. Several of the third-party components sqlite, ua-parser-js were found to contain vulnerabilities, and updat...

ua-parser-js npm module ReDenial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ua-parser-js npm module ReDoS', 'Description' = %q This module exploits a Regular Expression Denial of Service vulnerability in the npm module...

RHEL 7 : kibana (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-ua-parser-js: Regular expression denial of service via the regex CVE-2020-7733 Note that Nessus has not test...

RHEL 7 : nodejs-ua-parser-js (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nodejs-ua-parser-js: ReDoS in multiple regexes CVE-2020-7793 - The package ua-parser-js before 0.7.22 are...

Security Bulletin: IBM Spectrum Discover is vulnerable to multiple vulnerabilities

Summary IBM has addressed multiple vulnerabilities in IBM Spectrum Discover. Webpack loader-utils CVE-2022-37601 is vulnerable to execute arbitrary code on the system caused by a pollution flaw in parseQuery function. OpenStack Keystone CVE-2021-3563 is vulnerable to bypass security restriction...

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Node.js ua-parser-js

Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of Node.js ua-parser-js. Vulnerability Details CVEID:CVE-2022-25927 DESCRIPTION: Node.js ua-parser-js module is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS...

Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service due to the ua-parser-js module (CVE-2022-25927)

Summary IBM App Connect Enterprise is vulnerable to a denial of service due to the ua-parser-js module in the electron app CVE-2022-25927. Electron is used for Discovery Connectors in IBM App Connect Enterprise. The latest fixpack includes ua-parser-js =v1.0.33 Vulnerability Details...

Security Bulletin: There is a security vulnerability in Node.js ua-parser-js module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite (CVE-2022-25927)

Summary There is a security vulnerability in Node.js ua-parser-js module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite Vulnerability Details CVEID:CVE-2022-25927 DESCRIPTION: Node.js ua-parser-js module is vulnerable to a denial of service, caused by a regular expression...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands may be vulnerable to denial of service due to [CVE-2022-25927]

Summary Node.js module ua-parser-js is used by IBM App Connect Enterprise Certified Container DesignerAuthoring instances. IBM App Connect Enterprise Certified Container DesignerAuthoring operands may be vulnerable to denial of service. This bulletin provides patch information to address the...

CVE-2022-25927

A flaw was found in ua-parser-js. This issue could allow a malicious user to trigger a regular expression denial of service ReDoS via the trim function...