Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6340 matches found

NVD
NVDadded 2025/11/26 7:16 a.m.5 views

CVE-2025-13735

Out-of-bounds Read vulnerability in ASR1903、ASR3901 in ASR LapwingLinux on Linux nrfw modules. This vulnerability is associated with program files Code/nrfw/DLP/src/NrCgi.C. This issue affects LapwingLinux: before 2025/11/26...

7.4CVSS0.00174EPSS
Exploits0References1
OSV
OSVadded 2025/11/26 7:16 a.m.3 views

UBUNTU-CVE-2025-13735

Out-of-bounds Read vulnerability in ASR1903、ASR3901 in ASR LapwingLinux on Linux nrfw modules. This vulnerability is associated with program files Code/nrfw/DLP/src/NrCgi.C. This issue affects LapwingLinux: before 2025/11/26...

7.4CVSS5.8AI score0.00174EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/11/26 6:2 a.m.4 views

CVE-2025-13735 Out-of-bounds Read in nr flc

Out-of-bounds Read vulnerability in ASR1903、ASR3901 in ASR LapwingLinux on Linux nrfw modules. This vulnerability is associated with program files Code/nrfw/DLP/src/NrCgi.C. This issue affects LapwingLinux: before 2025/11/26...

7.4CVSS6.6AI score0.00174EPSS
Exploits0References1
EUVD
EUVDadded 2025/11/26 6:2 a.m.9 views

EUVD-2025-199708

Out-of-bounds Read vulnerability in ASR1903、ASR3901 in ASR LapwingLinux on Linux nrfw modules. This vulnerability is associated with program files Code/nrfw/DLP/src/NrCgi.C. This issue affects LapwingLinux: before 2025/11/26...

7.4CVSS6.4AI score0.00174EPSS
Exploits0References2
CVE
CVEadded 2025/11/26 6:2 a.m.14 views

CVE-2025-13735

CVE-2025-13735 describes an out-of-bounds read in ASR Lapwing_Linux, affecting the nr_fw modules (DLP/NrCgi.C) on Linux. Multiple sources (Red Hat, Ubuntu, NVD, OSV) confirm the issue affects Lapwing_Linux prior to 2025-11-26. The vulnerability is characterized as a read out-of-bounds in nr_fw/Nr...

7.4CVSS6.6AI score0.00174EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/11/26 12:0 a.m.6 views

PT-2025-48131

Name of the Vulnerable Software and Affected Versions ASR Lapwing Linux versions prior to 2025/11/26 Description An out-of-bounds read issue exists in ASR1903 and ASR3901 within the nr fw modules of ASR Lapwing Linux on Linux. This issue is linked to the program files Code/nr fw/DLP/src/NrCgi.C...

7.4CVSS6.5AI score0.00174EPSS
Exploits0References6
vulnersOsv
vulnersOsvadded 2025/11/25 10:10 p.m.7 views

au.csiro.pathling:fhir-server (>=6.2.2 <=7.2.0), br.com.jarch:jarch-apt (>=20.7.0 <=25.11.0) +744 more potentially affected by CVE-2025-66021 via com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer (>=r136 <=20240325.1)

com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer MAVEN version =r136, =6.2.2, =20.7.0, =24.2.0, =20.7.0, =23.1.0, =24.2.0, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =6.8.0, =8.6.8 and more Source cves: CVE-2025-66021 Source advisory:...

8.6CVSS5.8AI score0.00226EPSS
Exploits1
EUVD
EUVDadded 2025/11/25 6:32 p.m.12 views

EUVD-2025-199600

A stored cross-site scripting XSS vulnerability in the module management component in REDAXO CMS 5.20.0 allows remote users to inject arbitrary web script or HTML via the Output code field in modules. The payload is executed when a user views or edits an article by adding slice that uses the...

4.8CVSS5.2AI score0.00264EPSS
Exploits2References4
RedHat Linux
RedHat Linuxadded 2025/11/25 6:23 a.m.1 views

linux-pam: Linux-pam directory Traversal

A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions...

7.8CVSS7.3AI score0.0039EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2025/11/25 6:23 a.m.6 views

Important: Red Hat Security Advisory: pam security update

An update for pam is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

7.8CVSS7.2AI score0.0039EPSS
Exploits0References2
GitLab Advisory Database
GitLab Advisory Databaseadded 2025/11/25 12:0 a.m.6 views

@actbase/react-native-less-transformer contains malware after npm account takeover

On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...

7.1AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Databaseadded 2025/11/25 12:0 a.m.11 views

@actbase/react-native-kakao-channel contains malware after npm account takeover

On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...

7.1AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Databaseadded 2025/11/25 12:0 a.m.9 views

@actbase/react-native-fast-image contains malware after npm account takeover

On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...

7.1AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Databaseadded 2025/11/25 12:0 a.m.4 views

02-echo contains malware after npm account takeover

On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...

7.1AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Databaseadded 2025/11/25 12:0 a.m.6 views

@actbase/native contains malware after npm account takeover

On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...

7.1AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Databaseadded 2025/11/25 12:0 a.m.8 views

@actbase/node-server contains malware after npm account takeover

On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...

7.1AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Databaseadded 2025/11/25 12:0 a.m.6 views

@actbase/react-native-actionsheet contains malware after npm account takeover

On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...

7.1AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Databaseadded 2025/11/25 12:0 a.m.5 views

@actbase/react-native-devtools contains malware after npm account takeover

On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...

7.1AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Databaseadded 2025/11/25 12:0 a.m.6 views

@actbase/react-native-naver-login contains malware after npm account takeover

On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...

7.1AI score
Exploits0References3Affected Software1
Snyk
Snykadded 2025/11/24 8:33 p.m.1 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
Rows per page
Query Builder