CWE:
 

Nic nie znaleziono w bazie WLB2


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2022-01-12
Low
CVE-2021-40562

Vendor: GPAC
Software: GPAC
 

 
A Segmentation fault caused by a floating point exception exists in Gpac through 1.0.1 using mp4box via the naludmx_enqueue_or_dispatch function in reframe_nalu.c, which causes a denial of service.

 
2021-12-17
Medium
CVE-2021-34141

Vendor: Numpy
Software: Numpy
 

 
Incomplete string comparison in the numpy.core component in NumPy1.9.x, which allows attackers to fail the APIs via constructing specific string objects.

 
2021-12-13
Low
CVE-2021-39917

Vendor: Gitlab
Software: Gitlab
 

 
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A regular expression related to quick actions features was susceptible to catastrophic backtracking that could cause a DOS attack.

 
2021-11-18
Medium
CVE-2021-23146

Vendor: Gallagher
Software: Command centre
 

 
An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an attacker to bypass PIV verification. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1454 (MR3); 8.20 versions prior to 8.20.1291 (MR5); 8.10 versions prior to 8.10.1284 (MR7); version 8.00 and prior versions.

 
2021-10-22
Medium
CVE-2021-42836

Vendor: Gjson project
Software: Gjson
 

 
GJSON before 1.9.3 allows a ReDoS (regular expression denial of service) attack.

 
2021-09-27
Medium
CVE-2021-3828

Vendor: NLTK
Software: NLTK
 

 
nltk is vulnerable to Inefficient Regular Expression Complexity

 
Medium
CVE-2021-3822

Vendor: Jsoneditoronline
Software: Jsoneditor
 

 
jsoneditor is vulnerable to Inefficient Regular Expression Complexity

 
Medium
CVE-2021-3820

Vendor: Inflect project
Software: Inflect
 

 
inflect is vulnerable to Inefficient Regular Expression Complexity

 
2021-09-22
Medium
CVE-2020-23478

Vendor: Leoeditor
Software: LEO
 

 
Leo Editor v6.2.1 was discovered to contain a regular expression denial of service (ReDoS) vulnerability in the component plugins/importers/dart.py.

 
2021-08-31
High
CVE-2021-3749

Vendor: Axios
Software: Axios
 

 
axios is vulnerable to Inefficient Regular Expression Complexity

 

 


Copyright 2022, cxsecurity.com

 

Back to Top