Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedHat Linux
RedHat Linuxadded 2026/02/03 1:31 p.m.4 views

openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand

A flaw was found in OpenSSH where control characters in usernames were not properly validated when sourced from untrusted inputs like the command line or configuration expansion. If a ProxyCommand is used, these control characters could modify command behavior, potentially leading to code executi...

3.6CVSS6.4AI score0.00012EPSS
Exploits2References7
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2016-2866

Malware in sbrugna...

7.1CVSS7.5AI score0.0048EPSS
Exploits0References5
CVE
CVEadded 2025/10/06 12:0 a.m.1330 views

CVE-2025-61984

CVE-2025-61984 affects OpenSSH before 10.1. It allows control characters in usernames originating from untrusted sources (command line or %-sequence expansion in a config file), potentially enabling code execution when a ProxyCommand is used. A config file that provides a complete literal usernam...

3.6CVSS7.3AI score0.00012EPSS
Exploits2References8
Cvelist
Cvelistadded 2025/05/02 12:35 a.m.15 views

CVE-2024-55909 IBM Concert Software denial of service

IBM Concert Software 1.0.0 through 1.0.5 could allow an authenticated user to cause a denial of service due to the expansion of archive files without controlling resource consumption...

6.5CVSS0.00186EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/05/02 12:0 a.m.3 views

PT-2025-18730 · Ibm · Ibm Concert

Name of the Vulnerable Software and Affected Versions: IBM Concert Software versions 1.0.0 through 1.0.5 Description: The issue allows an authenticated user to cause a denial of service due to the expansion of archive files without controlling resource consumption. Recommendations: For IBM Concer...

6.5CVSS8.2AI score0.00186EPSS
Exploits0References9
Cvelist
Cvelistadded 2024/06/19 5:37 p.m.29 views

CVE-2024-36116 Path traversal in Reposilite javadoc file expansion

Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. Reposilite provides support for JavaDocs files, which are archives that contain documentation for artifacts. Specifically, JavadocEndpoints.kt controller allows to expand the...

7.5CVSS0.17984EPSS
Exploits1References3
OSV
OSVadded 2024/01/24 6:15 p.m.3 views

CVE-2024-23899

Jenkins Git server Plugin 99.va0826abcdfad and earlier does not disable a feature of its command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing attackers with Overall/Read permission to read content from arbitrary files on the Jenki...

6.5CVSS6.9AI score
Exploits0References2
OSV
OSVadded 2016/03/24 1:59 a.m.1 views

CVE-2016-1771

The Downloads feature in Apple Safari before 9.1 mishandles file expansion, which allows remote attackers to cause a denial of service via a crafted web site...

6.5CVSS7.3AI score0.0048EPSS
Exploits0References4
Rows per page
Query Builder