Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

192056 matches found

Snyk
Snykadded 2026/05/04 5:20 p.m.5 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization when handling HTTP request paths that have had normalizedPath applied. An attacker can gain unauthorized access to protected resources by appending a semicolon and arbitrary text to the request URL, exploiting...

8.8CVSS6AI score0.00265EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2026/05/04 5:16 p.m.3 views

CVE-2026-40682

XML External Entity XXE via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The DictionaryEntryPersistor class initializes a static SAXParserFactory at class-load time without enabling FEATURESECUREPROCESSING ...

9.1CVSS5.8AI score0.00403EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/05/04 5:7 p.m.1 views

CVE-2025-70069

A flaw was found in Assimp. A remote attacker can exploit this vulnerability by interacting with the FBXConverter.cpp and ConvertMeshMultiMaterial method. This can lead to a denial of service DoS, which disrupts the availability of the affected system...

7.5CVSS5.8AI score0.00332EPSS
Exploits0References5
Github Security Blog
Github Security Blogadded 2026/05/04 4:29 p.m.6 views

VM2 Sandbox Breakout Through __lookupGetter__

Summary VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system. Details The lookupGetter method allows to read the getter of an object. It is special in VM2 since it will switch...

9.8CVSS6.2AI score0.00886EPSS
Exploits1References6Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/05/04 4:19 p.m.1 views

CVE-2026-42812

In Apache Iceberg, the table's metadata files are control files: they tell readers which data files belong to the table and which table version to read. write.metadata.path is an optional table property that tells Polaris where to write those metadata files. For a table already registered in a...

9.9CVSS5.8AI score0.00364EPSS
Exploits0References2
UbuntuCve
UbuntuCveadded 2026/05/04 4:16 p.m.2 views

CVE-2025-70071

An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXParser.cpp, ParseVectorDataArray...

5.9CVSS5.8AI score0.00392EPSS
Exploits0References2
CVE
CVEadded 2026/05/04 4:2 p.m.20 views

CVE-2026-42375

D-Link DIR-600L A1 (End-of-Life) is affected by CVE-2026-42375 due to a hardcoded telnet backdoor. The device runs a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password read from /etc/alpha_config/image_sign. The custom telnetd binary accepts a -u u...

9.8CVSS5.8AI score0.00472EPSS
Exploits1References1Affected Software1
NVD
NVDadded 2026/05/04 3:16 p.m.7 views

CVE-2026-33006

A timing attack against modauthdigest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

4.8CVSS0.00557EPSS
Exploits1References2
OSV
OSVadded 2026/05/04 3:16 p.m.2 views

DEBIAN-CVE-2026-33006

A timing attack against modauthdigest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

4.8CVSS5.8AI score0.00557EPSS
Exploits1References1
OSV
OSVadded 2026/05/04 3:16 p.m.3 views

DEBIAN-CVE-2025-70070

An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXMeshGeometry.cpp, MeshGeometry::MeshGeometry...

6.5CVSS5.8AI score0.00246EPSS
Exploits0References1
OSV
OSVadded 2026/05/04 3:16 p.m.1 views

ALPINE-CVE-2026-33006

A timing attack against modauthdigest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

4.8CVSS5.8AI score0.00557EPSS
Exploits1References1
UbuntuCve
UbuntuCveadded 2026/05/04 3:16 p.m.1 views

CVE-2025-70072

An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXConverter.cpp, FBXConverter::ConvertMeshMultiMaterial components...

6.5CVSS5.8AI score0.00246EPSS
Exploits0References2
OSV
OSVadded 2026/05/04 3:16 p.m.2 views

UBUNTU-CVE-2025-70070

An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXMeshGeometry.cpp, MeshGeometry::MeshGeometry...

6.5CVSS5.8AI score0.00246EPSS
Exploits0References3
Debian CVE
Debian CVEadded 2026/05/04 2:42 p.m.4 views

CVE-2026-33006

A timing attack against modauthdigest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

4.8CVSS5.8AI score0.00557EPSS
Exploits1
ATTACKERKB
ATTACKERKBadded 2026/05/04 2:42 p.m.10 views

CVE-2026-33006

A timing attack against modauthdigest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

5.8AI score0.00557EPSS
Exploits1References2
EUVD
EUVDadded 2026/05/04 2:42 p.m.5 views

EUVD-2026-26961

A timing attack against modauthdigest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

4.8CVSS5.8AI score0.00557EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2026/05/04 2:42 p.m.3 views

CVE-2026-33006 Apache HTTP Server: mod_auth_digest timing attack

A timing attack against modauthdigest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

5.8AI score0.00557EPSS
Exploits1References1
AlpineLinux
AlpineLinuxadded 2026/05/04 2:42 p.m.2 views

CVE-2026-33006

A timing attack against modauthdigest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

4.8CVSS5.8AI score0.00557EPSS
Exploits1
CVE
CVEadded 2026/05/04 2:42 p.m.162 views

CVE-2026-33006

The CVE-2026-33006 issue affects Apache HTTP Server 2.4.66 and its mod_auth_digest component. A timing-based flaw allows a remote attacker to bypass Digest authentication. The known remediation is upgrading to Apache HTTP Server 2.4.67, which fixes the vulnerability. The NVD entry documents a MED...

4.8CVSS5.8AI score0.00557EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2026/05/04 2:42 p.m.64 views

CVE-2026-33006 Apache HTTP Server: mod_auth_digest timing attack

A timing attack against modauthdigest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

0.00557EPSS
Exploits1References1
Rows per page
Query Builder