EUVD-2022-51496
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-4131
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.8 before 15.5.7, all versions starting from 15.6 before 15.6.4, all version...
CVE-2023-23621 Discourse vulnerable to ReDoS in user agent parsing
Discourse is an open-source discussion platform. Prior to version 3.0.1 on the stable branch and version 3.1.0.beta2 on the beta and tests-passed branches, a malicious user can cause a regular expression denial of service using a carefully crafted user agent. This issue is patched in version 3.0....
CVE-2022-4131
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.8 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. An attacker may cause Denial of Service on a GitLab instance by exploiting a regex issue in how the...
CVE-2022-29169 ReDoS on endpoint html5client/useragent in BigBlueButton
BigBlueButton is an open source web conferencing system. Versions starting with 2.2 and prior to 2.3.19, 2.4.7, and 2.5.0-beta.2 are vulnerable to regular expression denial of service (ReDoS) attacks. By using a specific RegularExpression, an attacker can cause denial of service for the bbb-html5...
远古 (Yuangu) video-on-demand system injection vulnerability
The vulnerability arises in the file /webmedia/oemui/user/guest.asp; accessing this page requires registration. Relevant code: szAgent = Request.ServerVariables"HTTPUSERAGENT" aTmpInfo = SplitszAgent, " ", -1, 1 aAgentInfo = SplitaTmpInfo1, "; ", -1, 1 szBrowser = aAgentInfo1 if RightaAgentInfo2, 1 = "" or RightaAgentInfo2, 1 = ";" then szOS = LeftaAgentInfo2,...