Lucene search

8 matches found

Redos
added 2026/01/28 12:0 a.m. · 3 views

ROS-20260128-73-0010

A vulnerability in the Linux operating system kernel is related to buffer copying without checking the size of the input data. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges...

CVSS 5.5 · AI score 6.2 · EPSS 0.00049
Exploits: 0
OSV
added 2026/01/09 6:52 p.m. · 3 views

GHSA-JRMJ-C5CX-3CW6 Angular has XSS Vulnerability via Unsanitized SVG Script Attributes

A Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. The vulnerability exists because Angular’s internal sanitization schema fails to recognize the href and xlink:href attributes of SVG elements as a Resource URL context. In a standard security model,...

CVSS 8.5 · AI score 6.1 · EPSS 0.00021
Exploits: 1 · References: 5
CNVD
added 2025/05/30 12:0 a.m. · 4 views

GNU coreutils buffer overflow vulnerability

GNU coreutils is a core toolset of the GNU community. GNU coreutils suffers from a buffer overflow vulnerability that originates from a boundary error in the function begfield in the sort tool when handling untrusted input, which can be exploited by an attacker to cause a crash or data disclosure...

CVSS 4.4 · AI score 7 · EPSS 0.0014
Exploits: 0 · References: 1
Snyk
added 2025/02/21 6:40 p.m. · 1 views

XML External Entity (XXE) Injection

Overview: Affected versions of this package are vulnerable to XML External Entity (XXE) Injection via the deserialize method, when handling untrusted XML data, which may contain external entity references. Details: XXE Injection is a type of attack against an application that parses XML input. XML is...

CVSS 8.7 · AI score 7.6 · EPSS 0.00068
Exploits: 0 · References: 2
Positive Technologies
added 2024/01/30 12:0 a.m. · 2 views

PT-2024-6708 · Synology · Synology Drive Client

Name of the Vulnerable Software and Affected Versions: Synology Drive Client versions prior to 3.3.0-15082. Description: The issue is related to the inclusion of functionality from an untrusted control sphere in the OpenSSL DLL component. This allows local users to execute arbitrary code via...

CVSS 7.8 · AI score 7.9 · EPSS 0.00165
Exploits: 0 · References: 7
Cvelist
added 2023/06/14 11:54 a.m. · 22 views

CVE-2023-3040 Out of Bounds Access Leading to Undefined Behavior

A debug function in the lua-resty-json package, up to commit id 3ef9492bd3a44d9e51301d6adc3cd1789c8f534a merged in PR 14 contained an out of bounds access bug that could have allowed an attacker to launch a DoS if the function was used to parse untrusted input data. It is important to note that...

CVSS 3.7 · AI score 7.7 · EPSS 0.00129
Exploits: 0 · References: 2
Debian CVE
added 2020/12/08 12:0 a.m. · 29 views

CVE-2020-25675

In the CropImage and CropImageToTiles routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets were causing undefined behavior in the form of integer overflow and out-of-range values as reported by UndefinedBehaviorSanitizer. Such issues could cause a...

CVSS 4.3 · AI score 5.6 · EPSS 0.00149
Exploits: 1
RedHat Linux
added 2007/04/20 11:36 a.m. · 9 views

Important: Red Hat Security Advisory: php security update for Stronghold

Updated PHP packages that fix several security issues are now available for Stronghold 4.0 for Enterprise Linux. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...

CVSS 7.5 · AI score 7.4 · EPSS 0.86051
Exploits: 9 · References: 2