Lucene search
K

5 matches found

OSV
OSV
added 2026/03/26 7:17 p.m.7 views

UBUNTU-CVE-2026-4923

Impact: When using multiple wildcards, combined with at least one parameter, a regular expression can be generated that is vulnerable to ReDoS. This backtracking vulnerability requires the second wildcard to be somewhere other than the end of the path. Unsafe examples: /foo-bar-:baz /a-:b-c-:d...

5.9CVSS5.8AI score0.00353EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.5 views

PT-2026-28675

Name of the Vulnerable Software and Affected Versions path-to-regexp versions prior to 8.4.0 Description A flawed regular expression is created when multiple sequential optional groups using curly brace syntax are present, such as abc:z. The resulting regular expression expands exponentially with...

9.8CVSS5.9AI score0.00791EPSS
Exploits0References293
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.3 views

PT-2025-52599

Name of the Vulnerable Software and Affected Versions PHP versions 8.1.0 through 8.1.33 PHP versions 8.2.0 through 8.2.29 PHP versions 8.3.0 through 8.3.28 PHP versions 8.4.0 through 8.4.15 PHP versions 8.5.0 Description When using the PDO PostgreSQL driver with PDO::ATTR EMULATE PREPARES enabled...

8.2CVSS6.6AI score0.00573EPSS
Exploits4References106
Positive Technologies
Positive Technologies
added 2021/07/14 12:0 a.m.8 views

PT-2021-3765 · Juniper Networks · Sbr Carrier

Name of the Vulnerable Software and Affected Versions: Juniper Networks SBR Carrier versions 8.4.1 through 8.4.1R18 Juniper Networks SBR Carrier versions 8.5.0 through 8.5.0R9 Juniper Networks SBR Carrier versions 8.6.0 through 8.6.0R3 Description: The issue is caused by a stack-based buffer...

9.8CVSS9.8AI score0.02314EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2019/09/11 12:0 a.m.6 views

PT-2019-19047 · Atlassian · Jira

Name of the Vulnerable Software and Affected Versions: Jira versions prior to 8.4.0 Description: The issue concerns an information disclosure vulnerability in the /rest/api/latest/groupuserpicker resource. This allows remote attackers to enumerate usernames. Recommendations: For versions prior to...

5.3CVSS5.2AI score0.84771EPSS
Exploits8References10
Rows per page
Query Builder