Lucene search

87 matches found

Vulnrichment
added 2024/08/06 4:54 a.m. · 19 views

CVE-2024-39817

Insertion of sensitive information into sent data issue exists in Cybozu Office 10.0.0 to 10.8.6, which may allow a user who can login to the product to view data that the user does not have access by conducting 'search' under certain conditions in Custom App...

6.4 AI score · 0.00417 EPSS
Exploits 0 · References 2

OSV
added 2024/06/25 4:50 p.m. · 1 views

USN-6847-1 libheif vulnerabilities

It was discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash the program, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2019-11471 Reza Mirzazade Farkhani discovered that libheif incorrectly handled...

8.8 CVSS · 7.3 AI score · 0.01838 EPSS
Exploits 7 · References 9

Cvelist
added 2024/06/11 4:26 a.m. · 15 views

CVE-2024-31400

Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.0. If this vulnerability is exploited, unintended data may be left in forwarded mail...

0.00282 EPSS
Exploits 0 · References 2

OSV
added 2024/01/10 6:42 p.m. · 5 views

USN-6548-5 linux-iot vulnerabilities

It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. CVE-2023-3006 It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors i...

8.8 CVSS · 6.8 AI score · 0.09141 EPSS
Exploits 4 · References 11

SUSE CVE
added 2023/02/15 6:14 a.m. · 2 views

SUSE CVE-2006-5462

Mozilla Network Security Service NSS library before 3.11.3, as used in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatur...

6.4 CVSS · 8.8 AI score · 0.02611 EPSS
Exploits 0 · References 4

SUSE CVE
added 2023/02/15 3:55 a.m. · 2 views

SUSE CVE-2020-16155

The CPAN::Checksums package 2.12 for Perl does not uniquely define signed data...

6.5 CVSS · 7 AI score · 0.00956 EPSS
Exploits 1 · References 3

OSV
added 2022/07/28 9:0 a.m. · 6 views

SUSE-SU-2022:2574-1 Security update for xen

This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings XSA-402 bsc1199966. - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 XSA-404 bsc1200549. - CVE-2022-26362: Fixed a rac...

8.8 CVSS · 7.6 AI score · 0.06451 EPSS
Exploits 3 · References 16

Positive Technologies
added 2022/06/14 12:0 a.m. · 2 views

PT-2022-3484 · Unknown · Data Center Expert

Name of the Vulnerable Software and Affected Versions: Data Center Expert versions prior to 7.9.0 Description: The issue is related to insufficient protection of registration data in the Data Center Expert software. This could allow a remote attacker to gain full control over the software. The...

9.8 CVSS · 9.3 AI score · 0.00532 EPSS
Exploits 0 · References 9

OSV
added 2022/05/24 5:35 p.m. · 6 views

GHSA-8C7C-2C8J-3XFP blosc2 heap-based buffer overflow

blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data...

7.8 CVSS · 7.8 AI score · 0.01176 EPSS
Exploits 0 · References 6

OSV
added 2021/12/13 6:15 p.m. · 1 views

DEBIAN-CVE-2020-16155

The CPAN::Checksums package 2.12 for Perl does not uniquely define signed data...

6.5 CVSS · 6.3 AI score · 0.00956 EPSS
Exploits 1 · References 1

Debian CVE
added 2021/06/02 3:16 p.m. · 26 views

CVE-2021-28678

An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads after jumping to file offsets returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data...

5.5 CVSS · 5.3 AI score · 0.00735 EPSS
Exploits 0

CVE
added 2019/07/18 4:14 p.m. · 54 views

CVE-2019-13951

CVE-2019-13951 affects gdnsd 3.x up to before 3.2.1, where the set_ipv4() function in zscan_rfc1035.rl allows a stack-based buffer overflow when processing zone data containing a long/malformed IPv4 address. Multiple vendor advisories (Red Hat, Ubuntu, Debian, OSV, NVD, CVE List) reference the sa...

9.8 CVSS · 9.6 AI score · 0.01691 EPSS
Exploits 1 · References 1 · Affected Software 1

Prion
added 2017/08/18 12:29 p.m. · 26 views

Design/Logic Flaw

The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting...

6.8 CVSS · 8.5 AI score · 0.25065 EPSS
Exploits 0 · References 7 · Affected Software 2

Tenable Nessus
added 2017/05/11 12:0 a.m. · 36 views

openSUSE Security Update : swftools (openSUSE-2017-564)

This update for swftools fixes the following issues : - CVE-2017-8400: out-of-bound write of heap data issue bsc1037050 - CVE-2017-8401: out-of-bound read of heap data issue bsc1037051 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

8.8 CVSS · 7.1 AI score · 0.02101 EPSS
Exploits 2 · References 4

OSV
added 2017/02/23 4:28 p.m. · 2 views

USN-3211-1 php7.0 vulnerabilities

It was discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-7479 It was discovered that PHP incorrectly handled certain...

9.8 CVSS · 7.4 AI score · 0.41674 EPSS
Exploits 6 · References 11

OSV
added 2017/02/14 6:44 p.m. · 2 views

USN-3196-1 php5 vulnerabilities

It was discovered that PHP incorrectly handled certain arguments to the locale_get_display_name function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2014-9912 It was discovered that PHP incorrectly handled...

9.8 CVSS · 7.2 AI score · 0.42401 EPSS
Exploits 3 · References 11

OSV
added 2015/09/06 2:59 a.m. · 7 views

CVE-2015-6823

The allocate_buffers function in libavcodec/alac.c in FFmpeg before 2.7.2 does not initialize certain context data, which allows remote attackers to cause a denial of service (segmentation violation) or possibly have unspecified other impact via crafted Apple Lossless Audio Codec (ALAC) data...

8.2 AI score
Exploits 0 · References 4

OSV
added 2013/10/09 10:37 p.m. · 4 views

MGASA-2013-0300 Updated vino packages fix CVE-2013-5745

Updated vino package fixes security vulnerability: The vino_server_client_data_pending function in vino-server.c in GNOME Vino 3.7.3 and earlier, when encryption is disabled, does not properly clear client data when an error causes the connection to close during authentication, which allows remote...

7.1 CVSS · 6.4 AI score · 0.0872 EPSS
Exploits 5 · References 3

Tenable Nessus
added 2004/12/17 12:0 a.m. · 19 views

Opera < 7.54u1 Download Box Spoofing

Binary data 2467.prm...

2.6 CVSS · 7.3 AI score · 0.02451 EPSS
Exploits 0 · References 2

Tenable Nessus
added 2004/11/01 12:0 a.m. · 19 views

Konqueror < 3.2.2-2 Cross-Domain Dialog Box Spoofing

Binary data 2374.prm...

7.3 AI score
Exploits 0