16590 matches found

Cvelist
added 2024/05/07 12:0 a.m.; 13 views

CVE-2023-46012

Buffer Overflow vulnerability LINKSYS EA7500 3.0.1.207964 allows a remote attacker to execute arbitrary code via an HTTP request to the IGD UPnP...

AI score 7.9; EPSS 0.01623
Exploits 2; References 1
Vulnrichment
added 2024/05/07 12:0 a.m.; 11 views

CVE-2023-46012

Buffer Overflow vulnerability LINKSYS EA7500 3.0.1.207964 allows a remote attacker to execute arbitrary code via an HTTP request to the IGD UPnP...

AI score 8; EPSS 0.01623
Exploits 2; References 1
OpenVAS
added 2024/05/07 12:0 a.m.; 31 views

TBK DVR devices OS Command Injection Vulnerability (Apr 2024) - Active Check

TBK DVR devices are prone to an OS command injection vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

CVSS 6.5; AI score 7; EPSS 0.86489
Exploits 0; References 1
OpenVAS
added 2024/05/07 12:0 a.m.; 35 views

aiohttp < 3.8.6 HTTP Request Smuggling Vulnerability - Windows

aiohttp is prone to a HTTP request smuggling vulnerability...

CVSS 7.5; AI score 7.5; EPSS 0.0085
Exploits 1; References 1
OpenVAS
added 2024/05/07 12:0 a.m.; 10 views

SUSE: Security Advisory (SUSE-SU-2024:1346-1)

The remote host is missing an update for the...

CVSS 8.2; AI score 7.8; EPSS 0.87211
Exploits 1; References 5
OpenVAS
added 2024/05/07 12:0 a.m.; 33 views

SUSE: Security Advisory (SUSE-SU-2024:1355-1)

The remote host is missing an update for the...

CVSS 8.2; AI score 7.8; EPSS 0.87211
Exploits 1; References 5
OpenVAS
added 2024/05/07 12:0 a.m.; 31 views

SUSE: Security Advisory (SUSE-SU-2024:1306-1)

The remote host is missing an update for the...

CVSS 8.2; AI score 7.8; EPSS 0.87211
Exploits 1; References 5
OpenVAS
added 2024/05/07 12:0 a.m.; 21 views

SUSE: Security Advisory (SUSE-SU-2024:1440-1)

The remote host is missing an update for the...

CVSS 7.5; AI score 7.9; EPSS 0.02996
Exploits 0; References 4
OpenVAS
added 2024/05/07 12:0 a.m.; 26 views

aiohttp < 3.8.5 HTTP Request Smuggling Vulnerability - Linux

aiohttp is prone to a HTTP request smuggling vulnerability...

CVSS 7.5; AI score 6.6; EPSS 0.03906
Exploits 2; References 1
OpenVAS
added 2024/05/07 12:0 a.m.; 28 views

aiohttp < 3.8.5 HTTP Request Smuggling Vulnerability - Windows

aiohttp is prone to a HTTP request smuggling vulnerability...

CVSS 7.5; AI score 8.8; EPSS 0.03906
Exploits 2; References 1
OpenVAS
added 2024/05/07 12:0 a.m.; 25 views

aiohttp < 3.8.6 HTTP Request Smuggling Vulnerability - Linux

aiohttp is prone to a HTTP request smuggling vulnerability...

CVSS 7.5; AI score 7.5; EPSS 0.0085
Exploits 1; References 1
Rockylinux
added 2024/05/06 1:5 p.m.; 51 views

nodejs:20 security update

An update is available for module.nodejs-nodemon, nodejs-packaging, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...

CVSS 9.8; AI score 7.5; EPSS 0.03168
Exploits 0
Rockylinux
added 2024/05/06 1:4 p.m.; 49 views

nodejs:20 security update

An update is available for nodejs-nodemon, module.nodejs, nodejs, module.nodejs-nodemon, module.nodejs-packaging, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 9.8; AI score 8.2; EPSS 0.03168
Exploits 0
OSV
added 2024/05/06 1:4 p.m.; 70 views

RLSA-2024:1687 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS1 v1.5 padding Marvin CVE-2023-46809 nodejs: reading unprocessed HTT...

CVSS 9.8; AI score 7.4; EPSS 0.03168
Exploits 0; References 8
OSV
added 2024/05/04 7:16 a.m.; 22 views

BIT-APISIX-2024-32638 Apache APISIX: Forward-Auth Request Smuggling

Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in Apache APISIX when using forward-auth plugin. This issue affects Apache APISIX: from 3.8.0, 3.9.0. Users are recommended to upgrade to version 3.8.1, 3.9.1 or higher, which fixes the issue...

CVSS 6.3; AI score 6.3; EPSS 0.01065
Exploits 0; References 3
IBM Security Bulletins
added 2024/05/03 10:32 a.m.; 41 views

Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities

Summary QRadar Suite Software includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version. Vulnerability Details...

CVSS 8.7; AI score 9.5; EPSS 0.02996
Exploits 6; Affected Software 1
NVD
added 2024/05/03 3:15 a.m.; 29 views

CVE-2023-41229

D-Link DIR-3040 HTTP Request Processing Referer Heap-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is not required to exploit this...

CVSS 8.8; AI score 9.2; EPSS 0.00846
Exploits 0; References 2
NVD
added 2024/05/03 3:15 a.m.; 38 views

CVE-2023-41230

D-Link DIR-3040 HTTP Request Processing Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is not required to exploit this...

CVSS 8.8; AI score 8; EPSS 0.00759
Exploits 0; References 2
CVE
added 2024/05/03 2:12 a.m.; 71 views

CVE-2023-41230

The CVE-2023-41230 issue affects D-Link DIR-3040 routers. The vulnerable component is prog.cgi serving HNAP requests on lighttpd (ports 80/443). Root-context code execution arises from a stack-based buffer overflow caused by copying an unchecked user-supplied string into a fixed-size local buffer...

CVSS 8.8; AI score 8; EPSS 0.00759
Exploits 0; References 2; Affected Software 1
Cvelist
added 2024/05/03 2:12 a.m.; 46 views

CVE-2023-41230 D-Link DIR-3040 HTTP Request Processing Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability

D-Link DIR-3040 HTTP Request Processing Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is not required to exploit this...

CVSS 7.5; AI score 8.2; EPSS 0.00759
Exploits 0; References 2