Lucene search
K

3465 matches found

EUVD
EUVD
•added 2025/10/03 8:7 p.m.•19 views

EUVD-2025-22121

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.0055EPSS
Exploits0References3
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•5 views

EUVD-2021-28700

Malicious code in bioql PyPI...

7.5CVSS6.8AI score0.01595EPSS
Exploits0References6
OSV
OSV
•added 2025/10/03 7:15 p.m.•2 views

CVE-2025-52858

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

4.9CVSS5.8AI score0.00356EPSS
Exploits0References1
Cvelist
Cvelist
•added 2025/10/03 6:12 p.m.•7 views

CVE-2025-52859 QTS, QuTS hero

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

5.1CVSS0.00356EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2025/10/03 6:10 p.m.•3 views

CVE-2025-47214 QTS

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

5.1CVSS6.5AI score0.00439EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2025/10/03 6:9 p.m.•2 views

CVE-2025-44008 Qsync Central

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1...

5.3CVSS6.5AI score0.00419EPSS
Exploits0References1
Github Security Blog
Github Security Blog
•added 2025/10/01 3:53 p.m.•7 views

@plone/volto vulnerable to potential DoS by invoking specific URL by anonymous user

Impact When visiting a specific URL, an anonymous user could cause the NodeJS server part of Volto to quit with an error. Patches The problem has been patched and the patch has been backported to Volto major versions down until 16. It is advised to upgrade to the latest patch release of your...

8.7CVSS6.8AI score0.00408EPSS
Exploits0References10Affected Software1
Tenable Nessus
Tenable Nessus
•added 2025/09/30 12:0 a.m.•3 views

NewStart CGSL MAIN 6.06 : ruby Multiple Vulnerabilities (NS-SA-2025-0208)

The remote NewStart CGSL host, running version MAIN 6.06, has ruby packages installed that are affected by multiple vulnerabilities: - CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks vi...

7.8CVSS8.2AI score0.04246EPSS
Exploits3References7
RedHat Linux
RedHat Linux
•added 2025/09/29 1:34 a.m.•4 views

mysql: Optimizer unspecified vulnerability (CPU Apr 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...

4.9CVSS5.7AI score0.0076EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
•added 2025/09/17 7:31 p.m.•11 views

Security Bulletin: Multiple vulnerabilities in WebSphere Application Server Liberty affects IBM Enterprise Application Service for Java

Summary IBM Enterprise Application Service for Java is affected by multiple vulnerabilities found in WebSphere Application Server Liberty. Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in...

7.5CVSS7.1AI score0.64718EPSS
Exploits1
Cvelist
Cvelist
•added 2025/09/16 4:9 p.m.•8 views

CVE-2025-43801

Unchecked input for loop condition vulnerability in XML-RPC in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows remote attackers...

6.9CVSS0.00372EPSS
Exploits0References1
Cvelist
Cvelist
•added 2025/09/12 1:16 a.m.•35 views

CVE-2025-58754 Axios is vulnerable to DoS attack through lack of data size check

Axios is a promise based HTTP client for the browser and Node.js. When Axios starting in version 0.28.0 and prior to versions 0.30.2 and 1.12.0 runs on Node.js and is given a URL with the data: scheme, it does not perform HTTP. Instead, its Node http adapter decodes the entire payload into memory...

7.5CVSS0.01099EPSS
Exploits1References8
RedHat Linux
RedHat Linux
•added 2025/09/11 2:40 p.m.•2 views

mysql: DDL unspecified vulnerability (CPU Jul 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.42, 8.4.5 and 9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

4.9CVSS5.7AI score0.00485EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
•added 2025/09/10 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2021-38380

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and s stack- based buffer over-read. An attacker can leverage this t...

7.5CVSS7.7AI score0.01532EPSS
Exploits1References2
Positive Technologies
Positive Technologies
•added 2025/09/09 12:0 a.m.•4 views

PT-2025-36787

Name of the Vulnerable Software and Affected Versions: Tenda G3 version 3.0br V15.11.0.17 Description: The Tenda G3 version 3.0br V15.11.0.17 contains multiple stack overflows in the formIPMacBindModify function. These overflows occur via the ruleId, ip, mac, v6, and remark parameters. A crafted...

7.5CVSS6.6AI score0.00456EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
•added 2025/09/02 12:0 a.m.•2 views

openSUSE 15: jetty-annotations / jetty-ant / jetty-cdi / jetty-client / etc (SUSE-SU-2025:02993-2)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:02993-2 advisory. Upgraded to version 9.4.58.v20250814: - CVE-2025-5115: Fixed MadeYouReset DoS attack via HTTP/2 protocol including DNS over HTTPS bsc1244252 Tenable has...

7.7CVSS7AI score0.01567EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2025/08/31 6:11 p.m.•3 views

CVE-2025-30263

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.0...

6.5CVSS6.9AI score0.00419EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
•added 2025/08/31 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2025-55163

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is an asynchronous, event-driven network application framework. Prior to versions 4.1.124.Final and 4.2.4.Final, Netty is vulnerable to MadeYouReset DDoS...

8.2CVSS6.6AI score0.00979EPSS
Exploits1References2
Vulnrichment
Vulnrichment
•added 2025/08/29 11:31 p.m.•1 views

CVE-2025-34165 NetSupport Manager < 14.12.0000 Stack-Based Buffer Overflow

A stack-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12.0000 allows a remote, unauthenticated attacker to cause a denial of service DoS or potentially leak a limited amount of memory...

8.8CVSS6.6AI score0.00467EPSS
Exploits0References2
Vulnrichment
Vulnrichment
•added 2025/08/29 5:14 p.m.•2 views

CVE-2025-29889 File Station 5

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: File Station 5...

5.3CVSS6.3AI score0.00419EPSS
Exploits0References1
Rows per page
Query Builder