
GitLab Advisory Database
added 2026/03/02 12:00 a.m.

`melange update-cache` has unbounded HTTP download that can exhaust disk in CI

melange update-cache downloads URIs from build configs via io.Copy without any size limit or HTTP client timeout (pkg/renovate/cache/cache.go). An attacker-controlled URI in a melange config can cause unbounded disk writes, exhausting disk on the build runner. Affected versions = 0.40.5. Fix: Merge...

CVSS 4.3, AI score 5.9, EPSS 0.00049
Exploits 0, References 4, Affected Software 1
OSV
added 2025/11/24 10:54 a.m.

SUSE-SU-2025:4196-1 Security update for grub2

This update for grub2 fixes the following issues:
- CVE-2025-54770: Fixed missing unregister call for the net_set_vlan command, which may lead to use-after-free (bsc#1252930)
- CVE-2025-54771: Fixed grub_file_close not properly controlling the fs refcount (bsc#1252931)
- CVE-2025-61661: Fixed out-of-bounds write in...

CVSS 7.8, AI score 5.9, EPSS 0.00027
Exploits 0, References 17
CVE
added 2025/03/20 10:10 a.m.

CVE-2024-11040

CVE-2024-11040 entry is rejected and not used; duplicate of CVE-2024-8939.

AI score 7.5
Exploits 0
Vulnrichment
added 2025/03/20 10:10 a.m.

CVE-2024-11040

...

AI score 7.6
Exploits 0
RedhatCVE
added 2020/08/18 7:29 p.m.

CVE-2020-10758

A flaw was found in Keycloak. This flaw allows an attacker to perform a denial of service attack by sending multiple simultaneous requests with a Content-Length header value greater than the actual byte count of the request body. The highest threat from this vulnerability is to system availabilit...

CVSS 7.5, AI score 0.5, EPSS 0.00529
Exploits 0, References 3
Kitploit
added 2020/02/29 8:40 p.m.

Extended-SSRF-Search - Smart SSRF Scanner Using Different Methods Like Parameter Brute Forcing In Post And Get...

This tool searches for SSRF using predefined settings in different parts of a request (path, host, headers, POST and GET parameters). First step: Rename example.app-settings.conf to app-settings.conf and adjust the settings. The most important setting is the callback URL. I recommend using burp...

AI score 7.1
Exploits 0, References 1
Nextcloud
added 2019/09/04 12:00 a.m.

Missing default timeout on HTTP requests (NC-SA-2020-005)

Dangling remote share attempts in Nextcloud 16 allow DNS pollution when running long...

CVSS 4.0, AI score 1.7, EPSS 0.00255
Exploits 0, Affected Software 1
Metasploit
added 2017/01/07 6:44 p.m.

DiskBoss Enterprise GET Buffer Overflow

This module exploits a stack-based buffer overflow vulnerability in the web interface of DiskBoss Enterprise v7.5.12, v7.4.28, and v8.2.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This module has been tested successfully on...

AI score 7.4
Exploits 0
Metasploit
added 2013/12/19 11:48 p.m.

HP SiteScope issueSiebelCmd Remote Code Execution

This module exploits a code execution flaw in HP SiteScope. The vulnerability exists in the APISiteScopeImpl web service, specifically in the issueSiebelCmd method, which allows the user to execute arbitrary commands without authentication. This module has been tested successfully on HP SiteScope...

CVSS 7.5, AI score 8.1, EPSS 0.78003
Exploits 5