Lucene search

8 matches found

Veracode
added 2026/05/05 11:48 a.m. | 10 views

Deserialization Of Untrusted Data

Apache MINA is vulnerable to deserialization of untrusted data. The vulnerability is due to missing class validation in the AbstractIoBuffer.resolveClass method, which bypasses the classname allowlist and allows an attacker to execute arbitrary code via crafted serialized input...

CVSS 9.8 | AI score 6.2 | EPSS 0.0064
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2026/04/17 12:59 p.m. | 9 views

OESA-2026-1915 systemd security update

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. Security Fixes: systemd, a system and service manager, as PID 1 hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is...

CVSS 6.7 | AI score 6 | EPSS 0.00142
Exploits: 0 | References: 3
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2018-4665

Malware in sbrugna...

CVSS 8.8 | AI score 8.6 | EPSS 0.02319
Exploits: 0 | References: 4
Veracode
added 2024/02/08 6:45 a.m. | 27 views

Arbitrary Code Execution

Graylog is vulnerable to Arbitrary Code Execution. The vulnerability is due to a lack of class validation, which allows an attacker to send an HTTP PUT request to the /api/system/clusterconfig/ endpoint, which results in the loading of arbitrary classes. This issue can be exploited by an attacker b...

CVSS 8.8 | AI score 7.4 | EPSS 0.34498
Exploits: 1 | References: 5 | Affected Software: 1
OSV
added 2023/10/23 6:7 p.m. | 7 views

USN-6441-2 linux-gcp-5.4 vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service (host system crash) or...

CVSS 7.8 | AI score 7.2 | EPSS 0.00549
Exploits: 5 | References: 10
Veracode
added 2023/03/09 12:49 p.m. | 61 views

Remote Code Execution (RCE)

org.apache.dubbo:dubbo-common is vulnerable to Remote Code Execution (RCE). The vulnerability is due to a lack of class validation when deserializing untrusted user input, which allows an attacker to upload and execute malicious code...

CVSS 9.8 | AI score 9.4 | EPSS 0.04847
Exploits: 3 | References: 8 | Affected Software: 1
RedHat Linux
added 2021/10/20 1:21 p.m. | 5 views

OpenJDK: Incomplete validation of inner class references in ClassFileParser (Hotspot, 8268071)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 7u311, 8u301; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attacker wi...

CVSS 3.1 | AI score 6.9 | EPSS 0.03699
Exploits: 0 | References: 4
Saint
added 2011/07/29 12:0 a.m. | 26 views

Java RMI Services Default Configuration Remote Loading

Added: 07/29/2011. Background: The Java Remote Method Invocation (RMI) system allows an object running in one Java virtual machine to invoke methods on an object running in another Java virtual machine. RMI provides for remote communication between programs written in the Java programming language...

AI score 0.6
Exploits: 0