• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

NVD-CWE-Other

CVE-2022-25918

February 23, 2023 by godfreyd94

The package shescape from 1.5.10 and before 1.6.1 are vulnerable to Regular Expression Denial of Service (ReDoS) via the escape function in index.js, due to the usage of insecure regex in the escapeArgBash function.

CVE-2022-25940

February 23, 2023 by godfreyd94

All versions of package lite-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse.

CVE-2022-2598

February 23, 2023 by godfreyd94

Undefined Behavior for Input to API in GitHub repository vim/vim prior to 9.0.0100.

CVE-2022-25995

February 23, 2023 by godfreyd94

A command execution vulnerability exists in the console inhand functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.

CVE-2022-2600

February 23, 2023 by godfreyd94

The Auto-hyperlink URLs WordPress plugin through 5.4.1 does not set rel=”noopener noreferer” on generated links, which can lead to Tab Nabbing by giving the target site access to the source tab through the window.opener DOM object.

CVE-2022-25858

February 23, 2023 by godfreyd94

The package terser before 4.8.1, from 5.0.0 and before 5.14.2 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 911
  • Go to page 912
  • Go to page 913
  • Go to page 914
  • Go to page 915
  • Interim pages omitted …
  • Go to page 940
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE