8 matches found
Apache SkyWalking Security Vulnerability
Apache SkyWalking is an application performance monitor developed by the Apache Foundation in the United States. It is primarily used for applications in microservices, cloud-native environments, and container-based systems. Versions of Apache SkyWalking starting from 10.3.0 contain security...
GHSA-WHJ4-6X5X-4V2J FITS GZIP decompression bomb in Pillow
Impact: Pillow did not limit the amount of GZIP-compressed data read when decoding a FITS image, making it vulnerable to decompression bomb attacks. A specially crafted FITS file could cause unbounded memory consumption, leading to denial of service (OOM crash or severe performance degradation)...
CVE-2026-25990
Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, an out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1...
Pillow Buffer Error Vulnerability
Pillow is an open-source image processing library developed by Pillow. Versions of Pillow from 10.3.0 to 12.1.1 contained a buffer error vulnerability. This vulnerability occurred when loading specially crafted PSD images, potentially leading to out-of-bounds write operations...
CVE-2024-53299
The request handling in the core in Apache Wicket 7.0.0 on any platform allows an attacker to create a DoS via multiple requests to server resources. Users are recommended to upgrade to versions 9.19.0 or 10.3.0, which fix this issue...
Cybozu Office Open Redirect Vulnerability
Cybozu Office is a web-based cross-platform office solution developed by Cybozu Japan. An open redirect vulnerability exists in Cybozu Office versions 10.2.0 through 10.3.0, which allows remote attackers to conduct phishing attacks by redirecting users to arbitrary web sites via a crafted URL...
Cybozu Office Cross-Site Scripting Vulnerability (CNVD-2016-01250)
Cybozu Office is a web-based cross-platform office solution developed by Cybozu Japan. A cross-site scripting vulnerability in Cybozu Office versions 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cybozu Office Cross-Site Request Forgery Vulnerability
Cybozu Office is a web-based cross-platform office solution developed by Cybozu Japan. A cross-site request forgery vulnerability exists in Cybozu Office versions 9.0.0 through 10.3.0, which allows remote attackers to exploit the vulnerability to discover CSRF tokens...