Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Cvelist
Cvelistadded 2026/05/13 6:1 p.m.33 views

CVE-2026-42579 Netty: DNS Codec Input Validation Bypass in Netty (Encoder + Decoder)

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's DNS codec does not enforce RFC 1035 domain name constraints during either encoding or decoding. This creates a bidirectional attack surface: malicious DNS responses can exploit t...

7.5CVSS0.00418EPSS
Exploits1References1
OSV
OSVadded 2026/01/12 5:39 p.m.2 views

GO-2026-4280 Sliver Vulnerable to Pre-Auth Memory Exhaustion via NoEncoder Bypass in github.com/bishopfox/sliver

Sliver Vulnerable to Pre-Auth Memory Exhaustion via NoEncoder Bypass in github.com/bishopfox/sliver...

6.9AI score
Exploits0References1
OSV
OSVadded 2026/01/05 7:43 p.m.1 views

GHSA-HJR9-WJ7V-7HV8 Sliver Vulnerable to Pre-Auth Memory Exhaustion via NoEncoder Bypass

Summary A specially crafted nonce routes unauthenticated requests through the NoEncoder path, where startSessionHandler reads the entire request body without limits, allowing attacker-driven memory exhaustion and process crash. Details - server/encoders/encoders.go: EncoderFromNonce returns...

6.9CVSS6.8AI score
Exploits0References2
Rows per page
Query Builder