Lucene search

7 matches found

Github Security Blog
added 2026/01/28 3:20 p.m. · 31 views

Next.js has Unbounded Memory Consumption via PPR Resume Endpoint

A denial of service vulnerability exists in Next.js versions with Partial Prerendering PPR enabled when running in minimal mode. The PPR resume endpoint accepts unauthenticated POST requests with the Next-Resume: 1 header and processes attacker-controlled postponed state data. Two closely related...

CVSS 7.5 · AI score 5.9 · EPSS 0.0015
Exploits: 0 · References: 4 · Affected software: 1
Cvelist
added 2025/11/18 10:18 p.m. · 9 views

CVE-2025-62406 Piwigo is vulnerable to one-click account takeover by modifying the password-reset link

Piwigo is a full featured open source photo gallery application for the web. In Piwigo 15.6.0, using the password reset function allows sending a password-reset URL by entering an existing username or email address. However, the hostname used to construct this URL is taken from the HTTP request's...

CVSS 8.1 · EPSS 0.00046
Exploits: 1 · References: 2
Positive Technologies
added 2025/11/18 12:00 a.m. · 8 views

PT-2025-47413

Name of the Vulnerable Software and Affected Versions: Piwigo versions prior to 15.7.0
Description: Piwigo is a photo gallery application for the web. The password reset function in versions prior to 15.7.0 does not validate the hostname used in the password-reset URL, which is taken directly from...

CVSS 8.1 · AI score 6.7 · EPSS 0.00046
Exploits: 1 · References: 4
CNNVD
added 2025/11/18 12:00 a.m. · 2 views

Piwigo authorization issue vulnerability

Piwigo is an open source, web-based image gallery application. The software includes features such as image management, image categorization and permission management. An authorization issue vulnerability exists in Piwigo version 15.6.0, which stems from the password reset...

CVSS 8.8 · AI score 6.7 · EPSS 0.00046
Exploits: 1 · References: 3
Positive Technologies
added 2023/01/27 12:00 a.m. · 4 views

PT-2023-14138 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 13.7 through 15.4.5; GitLab EE versions 15.5 through 15.5.4; GitLab EE versions 15.6 through 15.6.0
Description: An information leak issue was identified that exposes user email IDs through the webhook payload.
Recommendation...

CVSS 5.3 · AI score 4.9 · EPSS 0.00136
Exploits: 0 · References: 6
OSV
added 2023/01/26 9:15 p.m. · 0 views

UBUNTU-CVE-2022-3478

An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1. It was possible to trigger a DoS attack by uploading a malicious nuget package...

CVSS 4.3 · AI score 5.7 · EPSS 0.00197
Exploits: 1 · References: 2
Positive Technologies
added 2023/01/12 12:00 a.m. · 2 views

PT-2023-13456 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 15.5.7; GitLab CE/EE versions 15.6.0 through 15.6.3; GitLab CE/EE versions 15.7.0 through 15.7.1
Description: An issue has been discovered in GitLab CE/EE where a crafted Prometheus Server query can cause high...

CVSS 7.5 · AI score 6.5 · EPSS 0.00377
Exploits: 0 · References: 12