
7 matches found

Github Security Blog
added 2026/05/11 2:51 p.m. | 5 views

urllib3: Decompression-bomb safeguards bypassed in parts of the streaming API

Impact: urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or...

CVSS 8.9 | AI score 5.8 | EPSS 0.00019
Exploits: 0 | References: 3 | Affected Software: 1
RedhatCVE
added 2026/02/06 3:32 p.m. | 5 views

CVE-2026-25547

A flaw was found in the brace-expansion component. This denial of service (DoS) vulnerability allows a remote attacker to provide specially crafted input containing repeated numeric brace ranges. This input causes the library to attempt an unbounded expansion, consuming excessive CPU and memory...

CVSS 9.2 | AI score 5.5 | EPSS 0.0002
Exploits: 0 | References: 4
NVD
added 2025/12/05 4:15 p.m. | 2 views

CVE-2025-66418

urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory...

CVSS 8.9 | EPSS 0.00021
Exploits: 0 | References: 2
Debian
added 2025/09/08 1:26 p.m. | 4 views

[SECURITY] [DLA 4295-1] libhtp security update

Debian LTS Advisory DLA-4295-1 https://www.debian.org/lts/security/ Adrian Bunk September 08, 2025 https://wiki.debian.org/LTS ...

CVSS 7.5 | AI score 7.7 | EPSS 0.00416
Exploits: 2
CNVD
added 2018/09/26 12:0 a.m. | 2 views

Python Denial of Service Vulnerability (CNVD-2018-20081)

Python is an open source, object-oriented programming language from the Python Software Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. There is a security vulnerability in Python. An attacker can exploit this vulnerability with the help of ...

CVSS 7.5 | AI score 6.6 | EPSS 0.01247
Exploits: 0 | References: 1
CNVD
added 2017/08/31 12:0 a.m. | 2 views

GraphicsMagick Denial of Service Vulnerability (CNVD-2017-24319)

GraphicsMagick is a simple set of image processing tools. The tool provides resizing, rotating, highlighting and other functions to images. A denial of service vulnerability exists in the 'ReadJNXImage' function in the coders/jnx.c file in GraphicsMagick version 1.3.26. An attacker can exploit th...

CVSS 7.1 | AI score 7.1 | EPSS 0.018
Exploits: 0 | References: 1
OSV
added 2017/08/30 9:29 a.m. | 1 views

DEBIAN-CVE-2017-13776

GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it...

CVSS 6.5 | AI score 7.6 | EPSS 0.00698
Exploits: 1 | References: 1