Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2026/05/05 4:16 p.m.11 views

PYSEC-2026-54

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. ASGI requests with a missing or understated Content-Length header can bypass the FILEUPLOADMAXMEMORYSIZE limit, potentially loading large files into memory and causing service degradation. As a reminder, Django expects a limit to ...

6.3CVSS5.8AI score0.00056EPSS
Exploits0References3
PyPA
PyPAadded 2026/04/07 3:17 p.m.6 views

PYSEC-2026-49

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30.ASGI requests with a missing or understated Content-Length header couldbypass the DATAUPLOADMAXMEMORYSIZE limit when readingHttpRequest.body, allowing remote attackers to load an unbounded request body...

7.5CVSS5.8AI score0.00035EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/04/07 2:22 p.m.2 views

CVE-2026-33034

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. ASGI requests with a missing or understated Content-Length header could bypass the DATAUPLOADMAXMEMORYSIZE limit when reading HttpRequest.body, allowing remote attackers to load an unbounded request body into...

5.9AI score0.00035EPSS
Exploits0References4Affected Software1
NVD
NVDadded 2026/02/25 10:16 p.m.5 views

CVE-2026-27951

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the function StreamEnsureCapacity can create an endless blocking loop. This may affect all client and server implementations using FreeRDP. For practical exploitation this will only work on 32bit systems whe...

7.5CVSS0.00081EPSS
Exploits1References2
Github Security Blog
Github Security Blogadded 2026/01/26 11:28 p.m.6 views

Python-Multipart has Arbitrary File Write via Non-Default Configuration

Summary A Path Traversal vulnerability exists when using non-default configuration options UPLOADDIR and UPLOADKEEPFILENAME=True. An attacker can write uploaded files to arbitrary locations on the filesystem by crafting a malicious filename. Details When UPLOADDIR is set and UPLOADKEEPFILENAME is...

8.6CVSS6AI score0.01021EPSS
Exploits3References5Affected Software1
CVE
CVEadded 2025/12/09 2:52 a.m.10 views

CVE-2025-66627

CVE-2025-66627 affects Wasmi (WebAssembly interpreter for constrained/embedded systems). The issue is a Use-After-Free in Wasmi’s linear memory implementation triggered under certain memory growth conditions, potentially causing memory corruption, information disclosure, or code execution. Affect...

8.4CVSS6.8AI score0.00022EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVEadded 2025/05/23 6:2 a.m.2 views

CVE-2023-28097

OpenSIPS is a Session Initiation Protocol SIP server implementation. Prior to versions 3.1.9 and 3.2.6, a malformed SIP message containing a large Content-Length value and a specially crafted Request-URI causes a segmentation fault in OpenSIPS. This issue occurs when a large amount of shared memo...

7.5CVSS6.7AI score0.00701EPSS
Exploits0References1
Rows per page
Query Builder