CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25 matches found

CNNVD•added 2026/01/22 12:0 a.m.•1 views

Dragonfly Access Control Vulnerability

Dragonfly is an open-source framework developed by DragonflyDB, capable of dynamically processing any content type. Versions of Dragonfly 2.4.1-rc.0 and earlier contained a access control vulnerability. This vulnerability stemmed from the absence of JWT authentication and RBAC authorization check...

9.8CVSS5.8AI score0.0012EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-12281

Malicious code in bioql PyPI...

5.5CVSS6.5AI score0.00191EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-28478

Malicious code in bioql PyPI...

9.4CVSS6.5AI score0.00297EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-14851

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.0032EPSS

Exploits1References3

CNNVD•added 2025/09/17 12:0 a.m.•2 views

Dragonfly 安全漏洞

Dragonfly is an open source framework from DragonflyDB that allows dynamic processing of any content type. A security vulnerability exists in Dragonfly versions prior to 2.1.0 that stems from the use of insecure hash functions such as MD5, which could lead to malicious file replacement...

6.9CVSS8.9AI score0.00039EPSS

Exploits0References2

RedhatCVE•added 2025/06/25 9:54 a.m.•5 views

CVE-2025-52935

Integer Overflow or Wraparound vulnerability in dragonflydb dragonfly src/redis/lua/struct modules. This vulnerability is associated with program files luastruct.C. This issue affects dragonfly: 1.30.1, 1.30.0, 1.28.18...

9.4CVSS7.3AI score0.00297EPSS

Exploits0References1

OSV•added 2025/06/23 10:15 a.m.•2 views

CVE-2025-52935

9.4CVSS7.2AI score

Exploits0References2

NVD•added 2025/06/23 10:15 a.m.•2 views

CVE-2025-52935

9.4CVSS0.00297EPSS

Exploits0References2

Vulnrichment•added 2025/06/23 9:27 a.m.•2 views

CVE-2025-52935 Integer Overflow or Wraparound vulnerability in dragonflydb/dragonfly

9.4CVSS6.6AI score0.00297EPSS

Exploits0References2

Cvelist•added 2025/06/23 9:27 a.m.•11 views

CVE-2025-52935 Integer Overflow or Wraparound vulnerability in dragonflydb/dragonfly

9.4CVSS0.00297EPSS

Exploits0References2

CVE•added 2025/06/23 9:27 a.m.•16 views

CVE-2025-52935

The CVE-2025-52935 entry concerns an Integer Overflow or Wraparound vulnerability in dragonflydb/dragonfly, specifically in the src/redis/lua/struct modules (lua_struct.C). Affected versions are dragonfly 1.28.18 through 1.30.1. The issue is confirmed across multiple sources (e.g., PT-2025-26585)...

9.4CVSS6.7AI score0.00297EPSS

Exploits0References2

RedhatCVE•added 2025/04/26 5:0 a.m.•12 views

CVE-2025-26268

DragonflyDB Dragonfly before 1.27.0 allows authenticated users to cause a denial of service daemon crash via a crafted Redis command. The validity of the scan cursor was not checked...

6.5CVSS6.5AI score0.0032EPSS

Exploits1References1

RedhatCVE•added 2025/04/26 4:58 a.m.•9 views

CVE-2025-26269

DragonflyDB Dragonfly through 1.28.2 fixed in 1.29.0 allows authenticated users to cause a denial of service daemon crash via a Lua library command that references a large negative integer...

5.5CVSS6.7AI score0.00191EPSS

Exploits1References1

NVD•added 2025/04/17 6:15 p.m.•10 views

CVE-2025-26269

DragonflyDB Dragonfly through 1.28.2 fixed in 1.29.0 allows authenticated users to cause a denial of service daemon crash via a Lua library command that references a large negative integer...

5.5CVSS0.00191EPSS

Exploits1References3

OSV•added 2025/04/17 6:15 p.m.•3 views

CVE-2025-26269

DragonflyDB Dragonfly through 1.28.2 fixed in 1.29.0 allows authenticated users to cause a denial of service daemon crash via a Lua library command that references a large negative integer...

5.5CVSS4AI score

Exploits0References3

OSV•added 2025/04/17 6:15 p.m.•4 views

CVE-2025-26268

DragonflyDB Dragonfly before 1.27.0 allows authenticated users to cause a denial of service daemon crash via a crafted Redis command. The validity of the scan cursor was not checked...

6.5CVSS6.5AI score

Exploits0References3

NVD•added 2025/04/17 6:15 p.m.•11 views

CVE-2025-26268

DragonflyDB Dragonfly before 1.27.0 allows authenticated users to cause a denial of service daemon crash via a crafted Redis command. The validity of the scan cursor was not checked...

6.5CVSS0.0032EPSS

Exploits1References3

CVE•added 2025/04/17 12:0 a.m.•55 views

CVE-2025-26268

DragonflyDB pre-1.27.0 is affected. Authenticated users can trigger a denial of service (daemon crash) by sending a crafted Redis command, caused by the scan cursor validity check being missing. Affected: DragonflyDB Dragonfly versions prior to 1.27.0. Remediation: upgrade to 1.27.0 or later (or ...

6.5CVSS3.9AI score0.0032EPSS

Exploits1References3Affected Software1

Cvelist•added 2025/04/17 12:0 a.m.•8 views

CVE-2025-26268

DragonflyDB Dragonfly before 1.27.0 allows authenticated users to cause a denial of service daemon crash via a crafted Redis command. The validity of the scan cursor was not checked...

3.3CVSS0.0032EPSS

Exploits1References3

Vulnrichment•added 2025/04/17 12:0 a.m.•7 views

CVE-2025-26269

DragonflyDB Dragonfly through 1.28.2 fixed in 1.29.0 allows authenticated users to cause a denial of service daemon crash via a Lua library command that references a large negative integer...

3.3CVSS3.9AI score0.00191EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by