Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

450252 matches found

Packet Storm
Packet Stormadded 3 days ago24 views

📄 OpenBSD sppp_pap_input PAP Authentication Bypass

OpenBSD suffers from a PAP authentication bypass vulnerability via a zero-length bcmp. All versions through 7.6 are affected. ------------------------------------------------------------------------ OpenBSD sppppapinput: PAP Authentication Bypass via Zero-Length bcmp...

5.8AI score
Exploits0
NVD
NVDadded 4 days ago8 views

CVE-2026-12811

A weakness has been identified in kortix-ai suna up to 0.8.38. Affected by this issue is the function router.replace/router.push of the file apps/frontend/src/app/auth/page.tsx of the component Auth Endpoint. Executing a manipulation of the argument returnURL can lead to cross site scripting. The...

5.3CVSS0.00288EPSS
Exploits0References8
Vulnrichment
Vulnrichmentadded 4 days ago4 views

CVE-2026-12811 kortix-ai suna Auth Endpoint page.tsx router.push cross site scripting

A weakness has been identified in kortix-ai suna up to 0.8.38. Affected by this issue is the function router.replace/router.push of the file apps/frontend/src/app/auth/page.tsx of the component Auth Endpoint. Executing a manipulation of the argument returnURL can lead to cross site scripting. The...

5.3CVSS4AI score0.00288EPSS
Exploits0References8
CVE
CVEadded 4 days ago14 views

CVE-2026-12811

The CVE affects kortix-ai suna prior to 0.8.39, specifically the Auth Endpoint’s frontend component at apps/frontend/src/app/auth/page.tsx. The vulnerability stems from router.push/replace handling of the returnURL argument, enabling cross-site scripting. Exploitation is possible remotely and the...

5.3CVSS4AI score0.00288EPSS
Exploits0References8
ATTACKERKB
ATTACKERKBadded 4 days ago5 views

CVE-2026-12811

A weakness has been identified in kortix-ai suna up to 0.8.38. Affected by this issue is the function router.replace/router.push of the file apps/frontend/src/app/auth/page.tsx of the component Auth Endpoint. Executing a manipulation of the argument returnURL can lead to cross site scripting. The...

5.3CVSS4AI score0.00288EPSS
Exploits0References8Affected Software1
Cvelist
Cvelistadded 4 days ago23 views

CVE-2026-12811 kortix-ai suna Auth Endpoint page.tsx router.push cross site scripting

A weakness has been identified in kortix-ai suna up to 0.8.38. Affected by this issue is the function router.replace/router.push of the file apps/frontend/src/app/auth/page.tsx of the component Auth Endpoint. Executing a manipulation of the argument returnURL can lead to cross site scripting. The...

5.3CVSS0.00288EPSS
Exploits0References8
NVD
NVDadded 4 days ago9 views

CVE-2026-12805

A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

7.5CVSS0.00279EPSS
Exploits0References8
Cvelist
Cvelistadded 4 days ago19 views

CVE-2026-12805 OFFIS DCMTK ofxml.cc parseFile heap-based overflow

A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

7.5CVSS0.00279EPSS
Exploits0References8
ATTACKERKB
ATTACKERKBadded 4 days ago7 views

CVE-2026-12805

A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

7.5CVSS6.5AI score0.00279EPSS
Exploits0References8Affected Software1
CVE
CVEadded 4 days ago12 views

CVE-2026-12805

The vulnerability CVE-2026-12805 affects OFFIS DCMTK up to 3.7.0, specifically the XMLNode::parseFile function in ofstd/libsrc/ofxml.cc. A heap-based buffer overflow can be triggered remotely via manipulation. An exploit has been published and may be used. The patch is tracked by commit 1d4b3815c...

7.5CVSS6.5AI score0.00279EPSS
Exploits0References8
Vulnrichment
Vulnrichmentadded 4 days ago3 views

CVE-2026-12805 OFFIS DCMTK ofxml.cc parseFile heap-based overflow

A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References8
EUVD
EUVDadded 4 days ago8 views

EUVD-2026-38191

A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References8
GithubExploit
GithubExploitadded 4 days ago55 views

sslpwn

sslpwn sslpwn is a security research tool for testing web app...

7.5CVSS5.9AI score0.99999EPSS
Exploits102
Snyk
Snykadded 4 days ago3 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper handling of integer values in the storeAtts function. An attacker can cause memory corruption or potentially execute arbitrary code by providing specially crafted input that triggers the...

7.5CVSS6.2AI score0.00102EPSS
Exploits0References2
Snyk
Snykadded 4 days ago3 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the addBinding function. An attacker can cause memory corruption or potentially execute arbitrary code by providing crafted input that triggers an integer overflow. Remediation A fix was pushed into th...

7.5CVSS6.2AI score0.00102EPSS
Exploits0References2
Snyk
Snykadded 4 days ago3 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the xmlwf process when the -d parameter is used to specify an output directory. An attacker can cause unintended behavior or potentially execute arbitrary code by providing a specially crafted output...

7.3CVSS6.2AI score0.00098EPSS
Exploits0References2
Snyk
Snykadded 4 days ago2 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper handling of integer values in the doProlog process, specifically involving storeEntityValue and the calculation of entity textLen. An attacker can cause memory corruption or potentially...

7.5CVSS6.2AI score0.00102EPSS
Exploits0References2
Snyk
Snykadded 4 days ago4 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the getAttributeId function. An attacker can cause memory corruption or execute arbitrary code by providing specially crafted input that triggers an integer overflow. Remediation A fix was pushed into...

7.5CVSS6.2AI score0.00102EPSS
Exploits0References2
Snyk
Snykadded 4 days ago3 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper handling of integer values in the copyString function. An attacker can cause memory corruption or potentially execute arbitrary code by providing specially crafted input that triggers the...

7.5CVSS6.2AI score0.00102EPSS
Exploits0References2
Snyk
Snykadded 4 days ago2 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the resolveSystemId function. An attacker can cause unexpected behavior or potentially execute arbitrary code by providing specially crafted input that triggers an integer overflow during processing...

7.5CVSS6.2AI score0.0011EPSS
Exploits0References2
Rows per page
Query Builder