73 matches found

Nuclei
added 2 days ago | 18 views

WordPress Candidate Application Form <= 1.3 - Local File Inclusion

WordPress Candidate Application Form <= 1.3 is susceptible to arbitrary file downloads because the code in downloadpdffile.php does not do any sanity checks. id: CVE-2015-1000005 info: name: WordPress Candidate Application Form <= 1.3 - Local File Inclusion author: dhiyaneshDK severity: high...

CVSS 7.5 | AI score 7.3 | EPSS 0.21197
Exploits: 1 | References: 5

RedHat Linux
added 2026/03/18 1:19 p.m. | 3 views

undertow: OutOfMemory when parsing form data encoding with application/x-www-form-urlencoded

A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataDefinition.doParseStreamSourceChannel method to parse large form data encoding with application/x-www-form-urlencoded, the method will cause an OutOfMemory issue. This flaw allows...

CVSS 7.5 | AI score 5.8 | EPSS 0.00126
Exploits: 0 | References: 4

RedHat Linux
added 2026/03/05 1:34 p.m. | 2 views

undertow: OutOfMemory when parsing form data encoding with application/x-www-form-urlencoded

A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataDefinition.doParseStreamSourceChannel method to parse large form data encoding with application/x-www-form-urlencoded, the method will cause an OutOfMemory issue. This flaw allows...

CVSS 7.5 | AI score 5.8 | EPSS 0.00126
Exploits: 0 | References: 4

RedhatCVE
added 2026/01/09 8:58 a.m. | 3 views

CVE-2023-45756

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Spider Teams ApplyOnline – Application Form Builder and Manager plugin = 2.5.2 versions...

CVSS 7.1 | AI score 5.9 | EPSS 0.00193
Exploits: 0 | References: 1

Cvelist
added 2025/12/03 6:40 p.m. | 17 views

CVE-2024-3884 Undertow: outofmemory when parsing form data encoding with application/x-www-form-urlencoded

A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataDefinition.doParseStreamSourceChannel method to parse large form data encoding with application/x-www-form-urlencoded, the method will cause an OutOfMemory issue. This flaw allows...

CVSS 7.5 | EPSS 0.00126
Exploits: 0 | References: 14

RedhatCVE
added 2025/12/03 6:39 p.m. | 3 views

CVE-2024-3884

A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataDefinition.doParseStreamSourceChannel method to parse large form data encoding with application/x-www-form-urlencoded, the method will cause an OutOfMemory issue. This flaw allows...

CVSS 7.5 | AI score 6.3 | EPSS 0.00126
Exploits: 0 | References: 3

RedHat Linux
added 2025/11/06 2:27 a.m. | 4 views

rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion

A memory-exhaustion vulnerability exists in Rack when parsing application/x-www-form-urlencoded request bodies. `Rack::Request#POST` reads the entire request body into memory without enforcing a maximum length or cap. Attackers can exploit this by sending large form submissions, potentially causing...

CVSS 7.5 | AI score 6.4 | EPSS 0.00282
Exploits: 0 | References: 8

RedHat Linux
added 2025/11/06 2:27 a.m. | 3 views

rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion

A memory-exhaustion vulnerability exists in Rack when parsing application/x-www-form-urlencoded request bodies. `Rack::Request#POST` reads the entire request body into memory without enforcing a maximum length or cap. Attackers can exploit this by sending large form submissions, potentially causing...

CVSS 7.5 | AI score 6.4 | EPSS 0.00282
Exploits: 0 | References: 8

RedHat Linux
added 2025/11/04 11:37 p.m. | 1 view

rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion

A memory-exhaustion vulnerability exists in Rack when parsing application/x-www-form-urlencoded request bodies. `Rack::Request#POST` reads the entire request body into memory without enforcing a maximum length or cap. Attackers can exploit this by sending large form submissions, potentially causing...

CVSS 7.5 | AI score 6.4 | EPSS 0.00282
Exploits: 0 | References: 8

EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2025-31470

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 6.6 | EPSS 0.00044
Exploits: 1 | References: 7

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-29195

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 7.5 | EPSS 0.00116
Exploits: 1 | References: 6

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2024-27671

Malicious code in bioql PyPI...

CVSS 6.1 | AI score 6.6 | EPSS 0.0009
Exploits: 0 | References: 1

EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2024-29159

Malicious code in bioql PyPI...

CVSS 5.4 | AI score 8.8 | EPSS 0.00053
Exploits: 0 | References: 1

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2025-2942

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 8.7 | EPSS 0.00143
Exploits: 0 | References: 1

EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2023-55562

Malicious code in bioql PyPI...

CVSS 5.9 | AI score 6.4 | EPSS 0.00135
Exploits: 0 | References: 1

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2023-50341

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 9.1 | EPSS 0.00231
Exploits: 0 | References: 1

OSV
added 2025/09/28 6:15 p.m. | 1 view

CVE-2025-11114

A flaw has been found in CodeAstro Online Leave Application 1.0. Affected by this vulnerability is an unknown functionality of the file /leaveAplicationForm.php. Executing manipulation of the argument absence can lead to sql injection. The attack may be launched remotely. The exploit has been...

CVSS 8.8 | AI score 5.8
Exploits: 0 | References: 5

Cvelist
added 2025/09/28 6:2 p.m. | 6 views

CVE-2025-11114 CodeAstro Online Leave Application leaveAplicationForm.php sql injection

A flaw has been found in CodeAstro Online Leave Application 1.0. Affected by this vulnerability is an unknown functionality of the file /leaveAplicationForm.php. Executing manipulation of the argument absence can lead to sql injection. The attack may be launched remotely. The exploit has been...

CVSS 6.5 | EPSS 0.00044
Exploits: 1 | References: 5

CNNVD
added 2025/09/28 12:0 a.m. | 2 views

CodeAstro Online Leave Application SQL injection vulnerability

CodeAstro Online Leave Application is an online leave application system from CodeAstro. A SQL injection vulnerability exists in CodeAstro Online Leave Application version 1.0, which stems from incorrect manipulation of the parameter absence in the file /leaveAplicationForm.php, which could lead ...

CVSS 8.8 | AI score 6.9 | EPSS 0.00044
Exploits: 1 | References: 6

RedhatCVE
added 2025/09/17 1:52 p.m. | 2 views

CVE-2025-10447

A vulnerability was detected in Campcodes Online Job Finder System 1.0. The impacted element is an unknown function of the file /eris/applicationform.php. The manipulation of the argument picture results in unrestricted upload. It is possible to launch the attack remotely. The exploit is now publ...

CVSS 9.8 | AI score 6.8 | EPSS 0.00116
Exploits: 1 | References: 1