Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CISA KEV Catalog
CISA KEV Catalogadded 2025/12/05 12:0 a.m.17 views

Meta React Server Components Remote Code Execution Vulnerability

Meta React Server Components contains a remote code execution vulnerability that could allow unauthenticated remote code execution by exploiting a flaw in how React decodes payloads sent to React Server Function endpoints. Please note CVE-2025-66478 has been rejected, but it is associated with...

10CVSS7.9AI score0.82011EPSS
In wildExploits372
Veracode
Veracodeadded 2025/09/18 2:16 p.m.4 views

Denial Of Service (DoS)

Axios is vulnerable to Denial-of-Service. The vulnerability is due to improper handling of data: scheme URLs, where the Node.js HTTP adapter decodes the entire payload into memory and ignores size limits, allowing attackers to supply a very large data URI to cause unbounded memory allocation and...

7.5CVSS6.9AI score0.00257EPSS
Exploits1References9Affected Software1
OSV
OSVadded 2025/09/11 9:7 p.m.0 views

GHSA-4HJH-WCWX-XVWJ Axios is vulnerable to DoS attack through lack of data size check

Summary When Axios runs on Node.js and is given a URL with the data: scheme, it does not perform HTTP. Instead, its Node http adapter decodes the entire payload into memory Buffer/Blob and returns a synthetic 200 response. This path ignores maxContentLength / maxBodyLength which only protect HTTP...

7.5CVSS7.1AI score0.00257EPSS
Exploits1References10
CNNVD
CNNVDadded 2025/07/08 12:0 a.m.1 views

Payload和form 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from an information disclosure when decoding RTP packet payloads...

8.2CVSS6AI score0.00324EPSS
Exploits0References1
Packet Storm News
Packet Storm Newsadded 2025/05/06 12:0 a.m.3 views

A Study on Audio Synchronous Steganography Detection and Distributed Guide Inference Model Based on Sliding Spectral Features and Intelligent Inference Drive

With the rise of short video platforms in global communication, embedding steganographic data in audio synchronization streams has emerged as a new covert communication method. To address the limitations of traditional techniques in detecting synchronized steganography, this paper proposes a...

7.1AI score
Exploits0
Github Security Blog
Github Security Blogadded 2023/06/30 6:31 p.m.35 views

Temporal Server vulnerable to Incorrect Authorization and Insecure Default Initialization of Resource

Insecure defaults in open-source Temporal Server before version 1.20 on all platforms allows an attacker to craft a task token with access to a namespace other than the one specified in the request. Creation of this task token must be done outside of the normal Temporal server flow. It requires t...

3.6CVSS6.1AI score0.00025EPSS
Exploits0References3Affected Software1
FireEye
FireEyeadded 2016/08/17 12:15 p.m.17 views

Locky Ransomware Distributed Via DOCM Attachments in Latest Email Campaigns

Throughout August, FireEye Labs has observed a few massive email campaigns distributing Locky ransomware. The campaigns have affected various industries, with the healthcare industry being hit the hardest based on our telemetry, as seen in Figure 1. Figure 1. Top 10 affected industries Numerous...

6.9AI score
Exploits0
Rows per page
Query Builder