
8 matches found

CNNVD
added 2026/05/25 12:0 a.m., 8 views

Hackney security vulnerability

Hackney is a program library from Hackney, Inc. A security vulnerability exists in hackney versions prior to 0.10.0 through 4.0.1, which stems from the use of an infinite timeout by the SOCKS5 transport during TLS upgrades, which could result in infinite blocking of the connection process...

CVSS 8.2 | AI score 5.8 | EPSS 0.0067
Exploits: 1 | References: 5

CNNVD
added 2026/05/18 12:0 a.m., 7 views

Net::Statsd::Lite injection vulnerability

Net::Statsd::Lite is a lightweight StatsD client developed by Robert Rothenberg, which supports multiple metric data packets. Versions of Net::Statsd::Lite prior to 0.10.0 have a vulnerability due to the setadd method not checking for line breaks, colons, or pipes, which may lead to metric...

CVSS 7.3 | AI score 5.8 | EPSS 0.00226
Exploits: 0 | References: 2

CVE
added 2026/01/07 9:39 a.m., 39 views

CVE-2025-68637

The Uniffle HTTP client is configured to trust all SSL certificates and disable hostname verification by default, exposing REST API communications between the Uniffle CLI/client and the Uniffle Coordinator to potential MITM attacks. Affected: all versions prior to 0.10.0. Mitigation: upgrade to v...

CVSS 9.1 | AI score 6.5 | EPSS 0.0022
Exploits: 0 | References: 2 | Affected Software: 1

RedhatCVE
added 2025/11/10 12:22 p.m., 3 views

CVE-2025-64494

Soft Serve is a self-hostable Git server for the command line. In versions prior to 0.10.0, there are several places where the user can insert data e.g. names and ANSI escape sequences are not being removed, which can then be used, for example, to show fake alerts. In the same token, git messages...

CVSS 4.6 | AI score 6.7 | EPSS 0.00152
Exploits: 0 | References: 1

CVE
added 2025/11/08 1:19 a.m., 12 views

CVE-2025-64494

Soft Serve (Charmbracelet/soft-serve) does not sanitize ANSI escape sequences in user input, and does not sanitize git messages in some UI paths. Affected versions are prior to 0.10.0. The issue can enable fake-alert-like output due to unsanitized input, with related cleanup needed in printed git...

CVSS 4.6 | AI score 6.3 | EPSS 0.00152
Exploits: 0 | References: 2

NVD
added 2025/08/28 10:15 p.m., 1 view

CVE-2025-58061

OpenEBS Local PV RawFile allows dynamic deployment of Stateful Persistent Node-Local Volumes & Filesystems for Kubernetes. Prior to version 0.10.0, persistent volume data is world readable and that would allow non-privileged users to access sensitive data such as databases of k8s workload. The...

CVSS 5.5 | EPSS 0.00125
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 2:50 a.m., 1 view

CVE-2023-0108

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0...

CVSS 7.1 | AI score 6.7 | EPSS 0.00519
Exploits: 1 | References: 1

CNNVD
added 2023/01/07 12:0 a.m., 2 views

memos cross-site scripting vulnerability

memos is an open source hosted memo center with knowledge management and social features. A cross-site scripting vulnerability exists in versions of memos prior to 0.10.0, which stems from the fact that its markup editor does not clean up user input allowing an attacker to implement stored...

CVSS 6.5 | AI score 5.2 | EPSS 0.00498
Exploits: 1 | References: 3