Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1225 matches found

NVD
NVDadded 3 days ago14 views

CVE-2026-10231

A security flaw has been discovered in Assimp up to 6.0.4. Affected is the function HL1MDLLoader::extractanimvalue of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. Performing a manipulation of the argument num.total results in heap-based buffer overflow. The attack must be...

5.3CVSS0.00013EPSS
Exploits0References7
OSV
OSVadded 3 days ago2 views

UBUNTU-CVE-2026-10231

A security flaw has been discovered in Assimp up to 6.0.4. Affected is the function HL1MDLLoader::extractanimvalue of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. Performing a manipulation of the argument num.total results in heap-based buffer overflow. The attack must be...

5.3CVSS5.9AI score0.00013EPSS
Exploits0References9
Cvelist
Cvelistadded 3 days ago26 views

CVE-2026-10231 Assimp Half-Life 1 MDL Loader HL1MDLLoader.cpp extract_anim_value heap-based overflow

A security flaw has been discovered in Assimp up to 6.0.4. Affected is the function HL1MDLLoader::extractanimvalue of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. Performing a manipulation of the argument num.total results in heap-based buffer overflow. The attack must be...

5.3CVSS0.00013EPSS
Exploits0References7
EUVD
EUVDadded 3 days ago7 views

EUVD-2026-33564

A security flaw has been discovered in Assimp up to 6.0.4. Affected is the function HL1MDLLoader::extractanimvalue of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. Performing a manipulation of the argument num.total results in heap-based buffer overflow. The attack must be...

5.3CVSS6.2AI score0.00013EPSS
Exploits0References7
ATTACKERKB
ATTACKERKBadded 3 days ago7 views

CVE-2026-10231

A security flaw has been discovered in Assimp up to 6.0.4. Affected is the function HL1MDLLoader::extractanimvalue of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. Performing a manipulation of the argument num.total results in heap-based buffer overflow. The attack must be...

5.3CVSS6.2AI score0.00013EPSS
Exploits0References7
CVE
CVEadded 3 days ago8 views

CVE-2026-10231

CVE-2026-10231 affects Assimp up to 6.0.4, specifically the HL1MDLLoader.cpp function HL1MDLLoader::extract_anim_value. A heap-based buffer overflow is triggered by manipulating the num.total argument. The attack requires local access, and public PoC/exploit material exists. The description does ...

5.3CVSS6.2AI score0.00013EPSS
Exploits0References7
Debian CVE
Debian CVEadded 3 days ago6 views

CVE-2026-10231

A security flaw has been discovered in Assimp up to 6.0.4. Affected is the function HL1MDLLoader::extractanimvalue of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. Performing a manipulation of the argument num.total results in heap-based buffer overflow. The attack must be...

5.3CVSS6.2AI score0.00013EPSS
Exploits0
ATTACKERKB
ATTACKERKBadded 6 days ago4 views

CVE-2018-25401

The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the p1 parameter. Attackers can send GET requests to severgraph.php with crafted SQL payloads to extract sensitive databas...

8.8CVSS6.1AI score0.00068EPSS
Exploits0References4Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 6 days ago7 views

Security Bulletin: There is a vulnerability in pdfbox-2.0.28.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-33929)

Summary There is a vulnerability in pdfbox-2.0.28.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-33929 DESCRIPTION: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache PDFBox Examples...

4.3CVSS5.7AI score0.00259EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVEadded 2026/05/28 3:54 a.m.7 views

SUSE CVE-2026-46010

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix error handling in rxgkextracttoken Fix a missing bit of error handling in rxgkextracttoken: in the event that rxgkdecryptskb returns -ENOMEM, it should just return that rather than continuing on for anything else, it...

5.8AI score0.00053EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2026/05/28 3:53 a.m.6 views

SUSE CVE-2026-46039

In the Linux kernel, the following vulnerability has been resolved: rxgk: Fix potential integer overflow in length check Fix potential integer overflow in rxgkextracttoken when checking the length of the ticket. Rather than rounding up the value to be tested which might overflow, round down the...

9.8CVSS5.8AI score0.00053EPSS
Exploits0References3
CVE
CVEadded 2026/05/27 5:11 p.m.9 views

CVE-2026-45548

The CVE-2026-45548 entries describe a Server-Side Request Forgery (SSRF) in Budibase where processUrlFile (AI Extract File step) calls fetch(fileUrl) without the IP blacklist, bypassing protections used by other automation steps. This allowed an authenticated builder to trigger server-side reques...

7.7CVSS5.8AI score0.00032EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/05/27 5:11 p.m.3 views

CVE-2026-45548 Budibase: SSRF in AI Extract File Automation Step via Missing IP Blacklist Validation

Budibase is an open-source low-code platform. Prior to 3.34.8, the processUrlFile function in packages/server/src/automations/steps/ai/extract.ts uses fetchfileUrl directly without the IP blacklist validation that is consistently applied to all other automation steps. This allows an authenticated...

7.7CVSS5.8AI score0.00032EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/27 5:11 p.m.34 views

CVE-2026-45548 Budibase: SSRF in AI Extract File Automation Step via Missing IP Blacklist Validation

Budibase is an open-source low-code platform. Prior to 3.34.8, the processUrlFile function in packages/server/src/automations/steps/ai/extract.ts uses fetchfileUrl directly without the IP blacklist validation that is consistently applied to all other automation steps. This allows an authenticated...

7.7CVSS0.00032EPSS
Exploits0References2
NVD
NVDadded 2026/05/27 2:17 p.m.4 views

CVE-2026-46039

In the Linux kernel, the following vulnerability has been resolved: rxgk: Fix potential integer overflow in length check Fix potential integer overflow in rxgkextracttoken when checking the length of the ticket. Rather than rounding up the value to be tested which might overflow, round down the...

9.8CVSS0.00053EPSS
Exploits0References3
OSV
OSVadded 2026/05/27 2:17 p.m.2 views

UBUNTU-CVE-2026-46039

In the Linux kernel, the following vulnerability has been resolved: rxgk: Fix potential integer overflow in length check Fix potential integer overflow in rxgkextracttoken when checking the length of the ticket. Rather than rounding up the value to be tested which might overflow, round down the...

9.8CVSS5.7AI score0.00053EPSS
Exploits0References3
EUVD
EUVDadded 2026/05/27 12:56 p.m.4 views

EUVD-2026-32420

In the Linux kernel, the following vulnerability has been resolved: rxgk: Fix potential integer overflow in length check Fix potential integer overflow in rxgkextracttoken when checking the length of the ticket. Rather than rounding up the value to be tested which might overflow, round down the...

5.8AI score0.00053EPSS
Exploits0References3
CVE
CVEadded 2026/05/27 12:56 p.m.12 views

CVE-2026-46039

CVE-2026-46039 affects the Linux kernel. The root cause is a potential integer overflow in rxgk_extract_token() during the length check. The fix changes the check to round down the size of the available data rather than rounding up, preventing overflow. Kernel commits upstream (listed in referenc...

9.8CVSS5.8AI score0.00053EPSS
Exploits0References3
Debian CVE
Debian CVEadded 2026/05/27 12:56 p.m.6 views

CVE-2026-46010

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix error handling in rxgkextracttoken Fix a missing bit of error handling in rxgkextracttoken: in the event that rxgkdecryptskb returns -ENOMEM, it should just return that rather than continuing on for anything else, it...

8.1CVSS5.7AI score0.00053EPSS
Exploits0
GithubExploit
GithubExploitadded 2026/05/27 5:49 a.m.67 views

Exploit for CVE-2026-5172

CVE20265172poc CVE-2026-5172: buffer overflow in extractaddre...

7.3CVSS6AI score0.00024EPSS
Exploits1
Rows per page
Query Builder