Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Veracode
Veracodeadded 2025/07/10 5:46 a.m.2 views

Stack Overflow

llamaindexcore is vulnerable to stack overflow. The vulnerability is due to unsafe recursive traversal without depth validation, which allows an attacker to submit deeply nested JSON structures and trigger a Denial of Service DoS by causing a RecursionError and crashing the application...

6.5CVSS6.3AI score0.00162EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologiesadded 2025/07/02 12:0 a.m.2 views

PT-2025-27665 · Unknown · Llama Index

Name of the Vulnerable Software and Affected Versions: llama index versions prior to 0.12.28 llama index version 0.12.28 Description: The JSONReader in the affected software is vulnerable to a stack overflow due to uncontrolled recursive JSON parsing. This allows attackers to trigger a Denial of...

6.5CVSS6.5AI score0.00162EPSS
Exploits1References10
RedhatCVE
RedhatCVEadded 2025/05/22 4:54 p.m.2 views

CVE-2020-9343

An issue was discovered in signotec signoPAD-API/Web formerly Websocket Pad Server before 3.1.1 on Windows. It is possible to perform a Denial of Service attack because the implementation doesn't limit the parsing of nested JSON structures. If a victim visits an attacker-controlled website, this...

6.5CVSS6.8AI score0.00559EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2024/06/03 3:16 p.m.13 views

CVE-2024-32983 Misskey allows the impersonation and takeover of remote accounts with unnormalized signed activities

Misskey is an open source, decentralized microblogging platform. Misskey doesn't perform proper normalization on the JSON structures of incoming signed ActivityPub activity objects before processing them, allowing threat actors to spoof the contents of signed activities and impersonate the author...

8.2CVSS6.7AI score0.0028EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2017/03/01 12:0 a.m.13 views

Fedora 25 : python-cjson (2017-7803508155)

This update prevents python-cjson from crashing when attempting to parse heavily nested JSON structures which could be exploited for denial of service purposes, against any application that uses python-cjson to parse arbitrary input. Note that Tenable Network Security has extracted the preceding...

5.7AI score
Exploits0References1
OpenVAS
OpenVASadded 2011/08/03 12:0 a.m.21 views

Debian Security Advisory DSA 2246-1 (mahara)

The remote host is missing an update to mahara announced via advisory DSA 2246-1. OpenVAS Vulnerability Test $Id: deb22461.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2246-1 mahara Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

6.8CVSS0.3AI score0.00837EPSS
Exploits0
Debian
Debianadded 2011/05/29 11:48 a.m.23 views

[SECURITY] [DSA 2246-1] mahara security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2246-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano May 29, 2011 http://www.debian.org/security/faq -...

6.8CVSS6AI score0.00837EPSS
Exploits0
OSV
OSVadded 2011/05/29 12:0 a.m.25 views

DSA-2246-1 mahara - several vulnerabilities

Bulletin has no description...

6.8CVSS6AI score0.00837EPSS
Exploits0
Rows per page
Query Builder