Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

ATTACKERKB
ATTACKERKBadded 2026/04/01 6:18 a.m.3 views

CVE-2026-4748

A regression in the way hashes were calculated caused rules containing the address range syntax x.x.x.x - y.y.y.y that only differ in the address ranges involved to be silently dropped as duplicates. Only the first of such rules is actually loaded into pf. Ranges expressed using the...

5.9AI score0.00059EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/04/01 6:18 a.m.26 views

CVE-2026-4748 pf silently ignores certain rules

A regression in the way hashes were calculated caused rules containing the address range syntax x.x.x.x - y.y.y.y that only differ in the address ranges involved to be silently dropped as duplicates. Only the first of such rules is actually loaded into pf. Ranges expressed using the...

0.00059EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/05/01 12:0 a.m.1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the unset ONONBLOCK flag, which could lead to blocking...

5.5CVSS6.4AI score0.00051EPSS
Exploits0References8
RustSec
RustSecadded 2024/05/22 12:0 p.m.5 views

Refs and paths with reserved Windows device names access the devices

Summary On Windows, fetching refs that clash with legacy device names reads from the devices, and checking out paths that clash with such names writes arbitrary data to the devices. This allows a repository, when cloned, to cause indefinite blocking or the production of arbitrary message that...

5.4CVSS7.1AI score0.00048EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKBadded 2022/04/04 4:15 p.m.3 views

CVE-2022-1165

The Blackhole for Bad Bots WordPress plugin before 3.3.2 uses headers such as CF-CONNECTING-IP, CLIENT-IP etc to determine the IP address of requests hitting the blackhole URL, which allows them to be spoofed. This could result in blocking arbitrary IP addresses, such as legitimate/good search...

9.1CVSS7.8AI score0.00346EPSS
Exploits2References3
OSV
OSVadded 2022/04/04 4:15 p.m.2 views

CVE-2022-1165

The Blackhole for Bad Bots WordPress plugin before 3.3.2 uses headers such as CF-CONNECTING-IP, CLIENT-IP etc to determine the IP address of requests hitting the blackhole URL, which allows them to be spoofed. This could result in blocking arbitrary IP addresses, such as legitimate/good search...

9.1CVSS5.9AI score0.00346EPSS
Exploits2References2
RedHat Linux
RedHat Linuxadded 2017/11/28 8:43 p.m.5 views

OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)

It was found that the FtpClient implementation in the Networking component of OpenJDK did not set connect and read timeouts by default. A malicious FTP server or a man-in-the-middle attacker could use this flaw to block execution of a Java application connecting to an FTP server...

5.3CVSS7.4AI score0.06365EPSS
Exploits2References4
RedHat Linux
RedHat Linuxadded 2017/10/20 11:31 a.m.5 views

OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)

It was found that the FtpClient implementation in the Networking component of OpenJDK did not set connect and read timeouts by default. A malicious FTP server or a man-in-the-middle attacker could use this flaw to block execution of a Java application connecting to an FTP server...

5.3CVSS7.4AI score0.06365EPSS
Exploits2References4
Rows per page
Query Builder