
20 matches found

Circl
added 2026/03/21 3:16 p.m. | 2 views

CVE-2019-25574

creationtimestamp | type | source
---|---|---
2026-03-21 15:16:00+00:00 | seen | https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2019-25574
2026-03-21 18:04:07+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mhlmkegaai24...

7.1 CVSS | 5.8 AI score | 0.01101 EPSS
Exploits: 1 | References: 2

ATTACKERKB
added 2026/02/06 9:4 p.m. | 5 views

CVE-2026-25574

Payload is a free and open source headless content management system. Prior to 3.74.0, a cross-collection Insecure Direct Object Reference (IDOR) vulnerability exists in the payload-preferences internal collection. In multi-auth collection environments using Postgres or SQLite with default...

5.4 CVSS | 5.3 AI score | 0.00193 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

vulnersOsv
added 2026/02/05 9:2 p.m. | 4 views

@01.software/sdk (>=0.0.1-251008.90016 <=0.1.4), @adenta/cms (>=0.0.6 <=1.1.1-0) +32 more potentially affected by CVE-2026-25574 via payload (>=3.0.0-alpha.46 <=3.74.0-internal.9c378de)

payload NPM version =3.0.0-alpha.46, =0.0.1-251008.90016, =0.0.6, =0.0.3, =1.0.1-beta.0, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =3.64.0, =0.0.1-beta.0, =0.2.0, =0.2.14 - @remy90/payload-conditions-plugin =0.2.2 and more Source cves: CVE-2026-25574 Source advisory: SNYK:JS-PAYLOAD-15239949...

5.4 CVSS | 5.8 AI score | 0.00193 EPSS
Exploits: 0

Tenable Nessus
added 2025/08/26 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2020-25574

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve could result in denial of service e.g., an infinite...

7.5 CVSS | 7.2 AI score | 0.0244 EPSS
Exploits: 1 | References: 2

RedhatCVE
added 2025/05/22 5:55 p.m. | 9 views

CVE-2020-25574

An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve could result in denial of service (e.g., an infinite loop)...

7.5 CVSS | 7 AI score | 0.0244 EPSS
Exploits: 1

NVD
added 2025/02/25 3:15 p.m. | 12 views

CVE-2023-25574

jupyterhub-ltiauthenticator is a JupyterHub authenticator for learning tools interoperability (LTI). LTI13Authenticator that was introduced in jupyterhub-ltiauthenticator 1.3.0 wasn't validating JWT signatures. This is believed to allow the LTI13Authenticator to authorize a forged request. Only use...

10 CVSS | 0.00328 EPSS
Exploits: 0 | References: 3

Vulnrichment
added 2025/02/25 2:42 p.m. | 7 views

CVE-2023-25574 JupyterHub's LTI13Authenticator: JWT signature not validated

jupyterhub-ltiauthenticator is a JupyterHub authenticator for learning tools interoperability (LTI). LTI13Authenticator that was introduced in jupyterhub-ltiauthenticator 1.3.0 wasn't validating JWT signatures. This is believed to allow the LTI13Authenticator to authorize a forged request. Only use...

10 CVSS | 9.5 AI score | 0.00328 EPSS
Exploits: 0 | References: 3

CVE
added 2025/02/25 2:42 p.m. | 92 views

CVE-2023-25574

CVE-2023-25574 concerns jupyterhub-ltiauthenticator’s LTI13Authenticator. The issue: LTI13Authenticator, added in version 1.3.0, did not validate JWT signatures, potentially allowing forged authentication requests when the JupyterHub instance is configured to use this authenticator. Affected depl...

10 CVSS | 9.5 AI score | 0.00328 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2025/02/25 2:42 p.m. | 14 views

CVE-2023-25574 JupyterHub's LTI13Authenticator: JWT signature not validated

jupyterhub-ltiauthenticator is a JupyterHub authenticator for learning tools interoperability (LTI). LTI13Authenticator that was introduced in jupyterhub-ltiauthenticator 1.3.0 wasn't validating JWT signatures. This is believed to allow the LTI13Authenticator to authorize a forged request. Only use...

10 CVSS | 0.00328 EPSS
Exploits: 0 | References: 3

NVD
added 2024/04/01 4:15 p.m. | 8 views

CVE-2024-25574

SQL injection vulnerability exists in GetDIAEusListParameters...

9.8 CVSS | 8.8 AI score | 0.0879 EPSS
Exploits: 0 | References: 1

Cvelist
added 2024/04/01 4:4 p.m. | 11 views

CVE-2024-25574 Delta Electronics DIAEnergie SQL Injection

SQL injection vulnerability exists in GetDIAEusListParameters...

8.8 CVSS | 8.9 AI score | 0.0879 EPSS
Exploits: 0 | References: 1

CVE
added 2024/04/01 4:4 p.m. | 65 views

CVE-2024-25574

Delta Electronics DIAEnergie is affected by a SQL injection vulnerability in GetDIAE_usListParameters. The related ICS/CISA advisory (ICSA-24-074-12) documents multiple SQL injection instances across DIAEnergie components, with CVSS v3.1 base scores up to 8.8 in the family and a high-impact profi...

9.8 CVSS | 8.8 AI score | 0.0879 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

SUSE CVE
added 2023/02/15 4:5 a.m. | 2 views

SUSE CVE-2019-25008

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-25574. Reason: This candidate is a duplicate of CVE-2020-25574. Notes: All CVE users should reference CVE-2020-25574 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...

7 AI score
Exploits: 0 | References: 4

Circl
added 2022/03/25 7:30 p.m. | 1 views

CVE-2022-25574

creationtimestamp | type | source
---|---|---
2022-03-25 19:30:57+00:00 | seen | https://t.me/cibsecurity/39547
2022-12-24 08:23:35+00:00 | published-proof-of-concept | https://t.me/GithubRedTeam/3625
2023-01-29 12:39:15+00:00 | published-proof-of-concept | https://t.me/BlueRedTeam/2565...

4.8 CVSS | 4.9 AI score | 0.00416 EPSS
Exploits: 0 | References: 3

CVE
added 2022/03/25 3:59 p.m. | 91 views

CVE-2022-25574

CVE-2022-25574 describes a stored XSS in the upload function /admin/show.php, affecting DouPHP (and related DouPhp/DouShell references in the connected entries). The root cause is insufficient input validation/escaping in the image upload pathway, allowing crafted image files to execute arbitrary...

4.8 CVSS | 4.9 AI score | 0.00416 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2022/03/25 3:59 p.m. | 21 views

CVE-2022-25574

A stored cross-site scripting (XSS) vulnerability in the upload function of /admin/show.php allows attackers to execute arbitrary web scripts or HTML via a crafted image file...

5.2 AI score | 0.00416 EPSS
Exploits: 0 | References: 2

Wolfi
added 2020/09/14 7:15 p.m. | 107 views

CVE-2020-25574 vulnerabilities

Vulnerabilities for packages: zed...

7.5 CVSS | 7.1 AI score | 0.0244 EPSS
Exploits: 1

Chainguard
added 2020/09/14 7:15 p.m. | 26 views

CVE-2020-25574 vulnerabilities

Vulnerabilities for packages: zed...

7.5 CVSS | 6.9 AI score | 0.0244 EPSS
Exploits: 1

CVE
added 2020/09/14 6:16 p.m. | 302 views

CVE-2020-25574

CVE-2020-25574 affects the Rust http crate prior to 0.1.20. An integer overflow in HeaderMap::reserve() could cause denial of service (for example, an infinite loop). The issue is confirmed by multiple sources (e.g., OSV and GHSA advisories) and was fixed in 0.1.20. Public exploitation details ar...

7.5 CVSS | 7.4 AI score | 0.0244 EPSS
Exploits: 1 | References: 2 | Affected Software: 1

Debian CVE
added 2020/09/14 6:16 p.m. | 24 views

CVE-2020-25574

An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve could result in denial of service (e.g., an infinite loop)...

7.5 CVSS | 7.5 AI score | 0.0244 EPSS
Exploits: 1