
9 matches found

Snyk
added 2025/07/31 7:23 p.m. · 2 views

Allocation of Resources Without Limits or Throttling

Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via unbounded values in the dataWindow header field. An attacker can exhaust system memory or cause the application to crash by supplying specially crafted files with excessively larg...

CVSS 5.5 · AI score 7 · EPSS 0.00259
Exploits: 1 · References: 2

Snyk
added 2025/07/31 7:21 p.m. · 1 views

NULL Pointer Dereference

Overview: Affected versions of this package are vulnerable to NULL Pointer Dereference via the ScanLineProcess::runfill function when processing deep scanline images with large sample counts in reduceMemory mode. An attacker can cause the application to crash by providing a specially crafted image...

CVSS 6.2 · AI score 6.6 · EPSS 0.00198
Exploits: 1 · References: 2

Snyk
added 2025/07/31 7:20 p.m. · 4 views

Out-of-bounds Read

Overview: OpenEXR provides Python bindings for the OpenEXR image file format. Affected versions of this package are vulnerable to Out-of-bounds Read in the LossyDctDecoderexecute function. An attacker can cause the application to crash or potentially leak sensitive information by providing a specially...

CVSS 9.1 · AI score 6.7 · EPSS 0.00496
Exploits: 1 · References: 2

Positive Technologies
added 2025/02/14 12:0 a.m. · 3 views

PT-2025-7022 · Wp2Leads · Wp2Leads

Name of the Vulnerable Software and Affected Versions: WP2LEADS versions prior to 3.3.3. Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables attackers to inject malicious scripts...

CVSS 7.1 · AI score 7.1 · EPSS 0.00231
Exploits: 0 · References: 5

Positive Technologies
added 2024/08/23 12:0 a.m. · 3 views

PT-2024-28229

Name of the Vulnerable Software and Affected Versions: Spring Boot versions 2.7.0 through 2.7.21; Spring Boot versions 3.0.0 through 3.0.16; Spring Boot versions 3.1.0 through 3.1.12; Spring Boot versions 3.2.0 through 3.2.8; Spring Boot versions 3.3.0 through 3.3.2. Description: Applications that use...

CVSS 7.2 · AI score 7.3 · EPSS 0.00123
Exploits: 0 · References: 18

Snyk
added 2024/08/01 2:42 p.m. · 1 views

Uncontrolled Resource Consumption ('Resource Exhaustion')

Overview: rexml is an XML toolkit for Ruby. Affected versions of this package are vulnerable to Uncontrolled Resource Consumption ('Resource Exhaustion') via the SAX2 or pull parser API. An attacker can cause the application to consume excessive resources leading to a denial of service by...

CVSS 7.5 · AI score 6.9 · EPSS 0.01192
Exploits: 0 · References: 2

Snyk
added 2024/08/01 2:41 p.m. · 3 views

Denial of Service (DoS)

Overview: rexml is an XML toolkit for Ruby. Affected versions of this package are vulnerable to Denial of Service (DoS) via the REXML gem, when parsing an XML document that has many specific characters such as whitespace character, and . Details: Denial of Service (DoS) describes a family of attacks...

CVSS 7.5 · AI score 7.1 · EPSS 0.01283
Exploits: 0 · References: 2

OSV
added 2022/09/20 7:15 a.m. · 4 views

DEBIAN-CVE-2022-39957

The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass. A client can issue an HTTP Accept header field containing an optional "charset" parameter in order to receive the response in an encoded form. Depending on the "charset", this response cannot be decoded by the web...

CVSS 7.5 · AI score 7.5 · EPSS 0.00771
Exploits: 0 · References: 1

OSV
added 2022/09/20 7:15 a.m. · 5 views

UBUNTU-CVE-2022-39957

The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass. A client can issue an HTTP Accept header field containing an optional "charset" parameter in order to receive the response in an encoded form. Depending on the "charset", this response cannot be decoded by the web...

CVSS 7.5 · AI score 7.1 · EPSS 0.00771
Exploits: 0 · References: 3