
9 matches found

GitHub Security Blog
added 2026/05/14 4:36 p.m., 11 views

OpenTelemetry Java SDK has Unbounded Memory Allocation in W3C Baggage Propagation

Overview A vulnerability affects the baggage propagation implementation in opentelemetry-api and opentelemetry-extension-trace-propagators. Parsing oversized baggage causes unbounded memory allocation and CPU consumption. Because baggage is automatically re-injected into every outgoing request, t...

CVSS 5.3 | AI score 5.9 | EPSS 0.00059
Exploits: 0 | References: 5 | Affected Software: 2
NVD
added 2026/05/13 7:17 p.m., 5 views

CVE-2026-42582

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final, when decoding header blocks, the non-Huffman branch of io.netty.handler.codec.http3.QpackDecoder#decodeHuffmanEncodedLiteral may execute new byte[length] for a string literal before verifying that length byt...

CVSS 7.5 | EPSS 0.00017
Exploits: 1 | References: 1
Tenable Nessus
added 2026/04/10 12:0 a.m., 1 views

Unity Linux 20.1060a / 20.1070a Security Update: grafana (UTSA-2026-007099)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007099 advisory. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large...

CVSS 4.3 | AI score 7.1 | EPSS 0.00024
Exploits: 0 | References: 4
Mageia
added 2025/10/18 4:49 p.m., 3 views

Updated expat packages fix security vulnerabilities

Improper restriction of xml entity expansion depth in libexpat. CVE-2024-8176 This is an extension of the fix published in MGASA-2025-0109 that was determined by upstream to be incomplete. Libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small...

CVSS 7.5 | AI score 6.1 | EPSS 0.00803
Exploits: 1 | References: 4
CVE
added 2025/10/07 7:31 p.m., 10 views

CVE-2025-61910

The CVE-2025-61910 issue affects NASA ION-DTN (BPv7) 4.1.3s. A malformed CBOR extension block in a BPv7 bundle can trigger uncontrolled memory allocation during parsing: the extension block’s fifth element (a byte string) is mishandled, and an unsigned blockLength is converted to a 32‑bit signed ...

CVSS 7.5 | AI score 6.7 | EPSS 0.00075
Exploits: 0 | References: 2
EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2021-15357

Malware in sbrugna...

CVSS 6.8 | AI score 4.8 | EPSS 0.02126
Exploits: 0 | References: 8
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2022-53193

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.7 | EPSS 0.00446
Exploits: 0 | References: 1
CVE
added 2025/03/03 10:7 a.m., 52 views

CVE-2024-53028

CVE-2024-53028 is tied to memory corruption that occurs while processing frontend messages during allocation in Qualcomm chipsets. Public references describe a memory corruption condition with high impact on confidentiality, integrity, and availability; attack vector is local with low privileges ...

CVSS 7.8 | AI score 7.4 | EPSS 0.00087
Exploits: 0 | References: 1 | Affected Software: 1
SUSE CVE
added 2025/02/27 3:2 a.m., 2 views

SUSE CVE-2022-49701

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Allocate/free queue resource only during probe/remove Currently, the sub-queues and event pool resources are allocated/freed for every CRQ connection event such as reset and LPM. This exposes the driver to a couple...

CVSS 5.5 | AI score 7.5 | EPSS 0.0008
Exploits: 0 | References: 9