
7 matches found

SUSE Linux
added 2026/04/15 10:21 a.m. | 2 views

Security update for libssh

This update for libssh fixes the following issues: CVE-2026-3731: denial of service via out-of-bounds read in SFTP extension name handler (bsc#1259377). CVE-2026-0964: SCP protocol path traversal in ssh_scp_pull_request (bsc#1258049). CVE-2026-0965: possible denial of service when parsing unexpected...

CVSS 6.9 | AI score 6.5 | EPSS 0.00631
Exploits: 8 | References: 24
Ubuntu
added 2026/02/23 7:56 p.m. | 4 views

USN-8051-2: libssh vulnerabilities

USN-8051-1 fixed vulnerabilities in libssh. This update provides the corresponding updates for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that libssh clients incorrectly handled the key exchange process. A remote attacker could possibly...

CVSS 8.2 | AI score 5.6 | EPSS 0.00582
Exploits: 8
Vulnrichment
added 2026/01/22 1:6 a.m. | 2 views

CVE-2025-27378 SQL Injection in AES Due to Inactive SQL Parsing Configuration

AES contains a SQL injection vulnerability due to an inactive configuration that prevents the latest SQL parsing logic from being applied. When this configuration is not enabled, crafted input may be improperly handled, allowing attackers to inject and execute arbitrary SQL queries...

CVSS 8.6 | AI score 6.1 | EPSS 0.00353
Exploits: 0 | References: 1
Cvelist
added 2026/01/22 1:6 a.m. | 23 views

CVE-2025-27378 SQL Injection in AES Due to Inactive SQL Parsing Configuration

AES contains a SQL injection vulnerability due to an inactive configuration that prevents the latest SQL parsing logic from being applied. When this configuration is not enabled, crafted input may be improperly handled, allowing attackers to inject and execute arbitrary SQL queries...

CVSS 8.6 | EPSS 0.00353
Exploits: 0 | References: 1
Positive Technologies
added 2026/01/01 12:0 a.m. | 3 views

PT-2026-20977

Name of the Vulnerable Software and Affected Versions: libssh-config versions prior to 0.11.4-1.1. Description: A buffer underflow issue exists in the ssh_get_hexa function when processing invalid input. This can potentially lead to unexpected behavior or compromise the system. Recommendations: Updat...

CVSS 6.5 | AI score 6.3 | EPSS 0.00631
Exploits: 8 | References: 70
Veracode
added 2024/05/09 10:18 a.m. | 12 views

XML External Entity (XXE) Injection

@cyclonedx/cyclonedx-library is vulnerable to XML External Entity (XXE) Injection. The vulnerability is due to improper XML parsing configuration within xmlValidator.node.ts, allowing an attacker to potentially access sensitive files or execute malicious code through crafted XML entities...

CVSS 8.1 | AI score 7 | EPSS 0.00925
Exploits: 0 | References: 4 | Affected Software: 1
RedHat Linux
added 2023/08/01 8:55 a.m. | 2 views

libeconf: stack-based buffer overflow in read_file() in lib/getfilecontents.c

A flaw was found in the libeconf library. This issue occurs when parsing a specially crafted configuration file, causing a stack-based buffer overflow, resulting in a denial of service...

CVSS 6.5 | AI score 6 | EPSS 0.00636
Exploits: 0 | References: 4