Search Vulnerabilities

Incorrect Regular Expression vulnerability in GitHub Enterprise Server allowed unauthorized access to user accounts via OAuth callback URL validati...

Tekton Pipelines: VerificationPolicy regex pattern bypass via substring matching

Istio AuthorizationPolicy Incorrect Regex Matching of Dots in serviceAccounts Fields Allows Policy Bypass

league/commonmark has an embed extension allowed_domains bypass

@dicebear/converter ensureSize() Vulnerable to SVG Dimension Capping Bypass via XML Comment Injection

LAM has incorrect regular expression in PDF export component that allows user to upload files of any type

Fastify's Missing End Anchor in "subtypeNameReg" Allows Malformed Content-Types to Pass Validation

fast-xml-parser has an entity encoding bypass via regex injection in DOCTYPE entity names

Litestar has an AllowedHosts validation bypass due to unescaped regex metacharacters in configured host patterns

Hono's IPv4 address validation bypass in IP Restriction Middleware allows IP spoofing

fastapi-guard patch contains bypassable RegEx

A vulnerability in chat messaging features of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a deni...

authentik has an insecure default configuration for OAuth2 Redirect URIs

WP Hardening – Fix Your WordPress Security <= 1.2.6 - Unauthenticated Security Feature Bypass to Username Enumeration

Incorrect Regular Expression in GravityZone Update Server (VA-11465)

DoS attack using PostMaster filters

A vulnerability was found in Braces versions 2

Specially crafted regex query can cause DoS

Cisco IOS and IOS XE Software Split DNS Denial of Service Vulnerability

Kibana versions before 6