Page 24 of 38324 results (0.003 seconds)

CVSS: 3.7EPSS: 0%CPEs: 1EXPL: 0

Improper regular expression in Vue's parseHTML function leads to a potential regular expression denial of service vulnerability. • https://www.herodevs.com/vulnerability-directory/cve-2024-9506 • CWE-1333: Inefficient Regular Expression Complexity •

CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0

A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). • https://access.redhat.com/security/cve/CVE-2024-9676 https://bugzilla.redhat.com/show_bug.cgi?id=2317467 https://github.com/advisories/GHSA-wq2p-5pc6-wpgf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

Los dispositivos contienen dos cuentas de usuario codificadas con contraseñas codificadas que permiten a un atacante remoto no autenticado tener control total de los dispositivos afectados. • https://cert.vde.com/en/advisories/VDE-2024-056 https://cert.vde.com/en/advisories/VDE-2024-066 • CWE-798: Use of Hard-coded Credentials •

CVSS: -EPSS: 0%CPEs: -EXPL: 1

Prior to pseudoversion `v0.0.0-20240729232818-a2a9c4f`, which corresponds with commit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252`, there was a logical problem in the paragraph function of the parser/block.go file, which allowed a remote attacker to cause a denial of service (DoS) condition by providing a tailor-made input that caused an infinite loop, causing the program to hang and consume resources indefinitely. • https://github.com/Brinmon/CVE-2024-44337 https://github.com/gomarkdown/markdown/commit/a2a9c4f76ef5a5c32108e36f7c47f8d310322252 •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

An issue in kmqtt v0.2.7 allows attackers to cause a Denial of Service(DoS) via a crafted request. • https://gist.github.com/pengwGit/26fd8630392af5d8829c2e220091ac4f • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •