Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6103 matches found

Snyk
Snykadded 2025/03/19 6:12 p.m.1 views

Improper Handling of Highly Compressed Data (Data Amplification)

Overview Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification through the ZipFileBodyDecoder. An attacker can trigger an out-of-memory condition, leading to server crashes or degraded performance by uploading a specially crafted ZIP fi...

8.7CVSS6.9AI score0.001EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/03/19 12:0 a.m.2 views

PT-2025-11700

Name of the Vulnerable Software and Affected Versions kin-openapi versions prior to 0.131.0 Description The issue arises when validating a request with a multipart/form-data schema. If the OpenAPI schema allows it, an attacker can upload a crafted ZIP file, such as a ZIP bomb, causing the server ...

9.8CVSS6.4AI score0.001EPSS
Exploits0References100
SUSE CVE
SUSE CVEadded 2025/03/17 2:17 p.m.1 views

SUSE CVE-2025-2310

A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MMstrndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and...

7.8CVSS5.2AI score0.00042EPSS
Exploits1References3
RedhatCVE
RedhatCVEadded 2025/03/17 6:19 a.m.8 views

CVE-2025-2357

A flaw was found in the DCMTK package. Insufficient input data validation can lead to a segmentation fault in the JPEG-LS decoder if invalid input data is processed. This vulnerability affects the component dcmjpls JPEG-LS Decoder. The manipulation leads to memory corruption and can be initiated...

6.3CVSS6.8AI score0.00168EPSS
Exploits0References8
OSV
OSVadded 2025/03/17 2:15 a.m.9 views

CVE-2025-2357

A vulnerability was found in DCMTK 3.6.9. It has been declared as critical. This vulnerability affects unknown code of the component dcmjpls JPEG-LS Decoder. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...

5.3CVSS7AI score
Exploits0References6
OSV
OSVadded 2025/03/17 2:15 a.m.2 views

DEBIAN-CVE-2025-2357

A vulnerability was found in DCMTK 3.6.9. It has been declared as critical. This vulnerability affects unknown code of the component dcmjpls JPEG-LS Decoder. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...

5.3CVSS5.9AI score0.00168EPSS
Exploits0References1
OSV
OSVadded 2025/03/17 2:15 a.m.0 views

UBUNTU-CVE-2025-2357

A vulnerability was found in DCMTK 3.6.9. It has been declared as critical. This vulnerability affects unknown code of the component dcmjpls JPEG-LS Decoder. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...

6.3CVSS6AI score0.00168EPSS
Exploits0References7
Debian CVE
Debian CVEadded 2025/03/17 1:31 a.m.7 views

CVE-2025-2357

A vulnerability was found in DCMTK 3.6.9. It has been declared as critical. This vulnerability affects unknown code of the component dcmjpls JPEG-LS Decoder. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...

7.5CVSS5.9AI score0.00168EPSS
Exploits0
Cvelist
Cvelistadded 2025/03/17 1:31 a.m.19 views

CVE-2025-2357 DCMTK dcmjpls JPEG-LS Decoder memory corruption

A vulnerability was found in DCMTK 3.6.9. It has been declared as critical. This vulnerability affects unknown code of the component dcmjpls JPEG-LS Decoder. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...

7.5CVSS0.00168EPSS
Exploits0References5
CVE
CVEadded 2025/03/17 1:31 a.m.86 views

CVE-2025-2357

DCMTK 3.6.9 contains a memory-corruption vulnerability in the dcmjpls JPEG-LS Decoder. The issue can be exploited remotely, with exploitation information reported publicly. A patch named 3239a7915 is referenced as fixes for this issue; applying the patch is the advised remediation. The CVE descri...

7.5CVSS6.5AI score0.00168EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologiesadded 2025/03/17 12:0 a.m.3 views

PT-2025-11451 · Dcmtk +2 · Dcmtk +2

Name of the Vulnerable Software and Affected Versions: DCMTK version 3.6.9 Description: A critical vulnerability was found in the dcmjpls JPEG-LS Decoder component of DCMTK, affecting unknown code and leading to memory corruption. The attack can be initiated remotely. The manipulation with the...

9.8CVSS6.3AI score0.05677EPSS
Exploits2References44
OSV
OSVadded 2025/03/14 9:15 p.m.1 views

AZL-58806 CVE-2025-2310 affecting package hdf5 for versions less than 1.14.6-1

A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MMstrndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and...

7.8CVSS5.9AI score0.00042EPSS
Exploits1References1
NVD
NVDadded 2025/03/14 9:15 p.m.8 views

CVE-2025-2310

A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MMstrndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and...

7.8CVSS0.00042EPSS
Exploits1References4
OSV
OSVadded 2025/03/14 9:15 p.m.2 views

DEBIAN-CVE-2025-2310

A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MMstrndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and...

7.8CVSS5.3AI score0.00042EPSS
Exploits1References1
OSV
OSVadded 2025/03/14 9:15 p.m.5 views

AZL-58825 CVE-2025-2310 affecting package hdf5 for versions less than 1.14.6-1

A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MMstrndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and...

7.8CVSS5.9AI score0.00042EPSS
Exploits1References1
OSV
OSVadded 2025/03/14 9:15 p.m.1 views

UBUNTU-CVE-2025-2310

A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MMstrndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and...

7.8CVSS5.6AI score0.00042EPSS
Exploits1References7
Vulnrichment
Vulnrichmentadded 2025/03/14 9:0 p.m.8 views

CVE-2025-2310 HDF5 Metadata Attribute Decoder H5MM_strndup heap-based overflow

A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MMstrndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and...

5.3CVSS5.2AI score0.00042EPSS
Exploits1References4
CVE
CVEadded 2025/03/14 9:0 p.m.73 views

CVE-2025-2310

CVE-2025-2310 affects HDF5 1.14.6 and earlier, specifically the H5MM_strndup function in the Metadata Attribute Decoder. The vulnerability is a heap-based buffer overflow exploitable with local access; the exploit has been disclosed publicly. Several connected sources note a patch is available in...

7.8CVSS5.2AI score0.00042EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVEadded 2025/03/14 9:0 p.m.7 views

CVE-2025-2310

A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MMstrndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and...

7.8CVSS5.2AI score0.00042EPSS
Exploits1
Microsoft CVE
Microsoft CVEadded 2025/03/14 7:0 a.m.2 views

Out-of-bounds read in QuickTimeVideo::NikonTagsDecoder in Exiv2

...

5.5CVSS5.5AI score0.00041EPSS
Exploits0
Rows per page
Query Builder