
10274 matches found

Tenable Nessus
added 2025/09/03 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2021-20066

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled...

CVSS 6.8 | AI score 6.5 | EPSS 0.00378
Exploits: 1 | References: 2

Ubuntu
added 2025/09/02 6:37 p.m. | 1 view

USN-7730-1: PIM Messagelib vulnerabilities

Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, and Jörg Schwenk discovered that PIM Messagelib could be made to leak the plaintext of S/MIME encrypted emails when retrieving external content in emails. Under certain...

CVSS 5.9 | AI score 6.2 | EPSS 0.00447
Exploits: 3

Tenable Nessus
added 2025/09/02 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-32386

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Helm is a tool for managing Charts. A chart archive file can be crafted in a manner where it expands to be significantly larger uncompressed than compressed e.g...

CVSS 6.5 | AI score 6.8 | EPSS 0.00022
Exploits: 0 | References: 2

Veracode
added 2025/09/01 5:13 a.m. | 4 views

Arbitrary Code Execution

Keras is vulnerable to Arbitrary Code Execution. The vulnerability is due to improper validation in the Model.loadmodel method when loading specially crafted .keras model archives...

CVSS 8.6 | AI score 6.7 | EPSS 0.00029
Exploits: 0 | References: 6 | Affected Software: 1

Tenable Nessus
added 2025/09/01 12:0 a.m. | 5 views

Alibaba Cloud Linux 3 : 0146: python-cryptography (ALINUX3-SA-2025:0146)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0146 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-49083: cryptography is a package designed ...

CVSS 7.5 | AI score 6.3 | EPSS 0.01255
Exploits: 1 | References: 2

Tenable Nessus
added 2025/08/31 12:0 a.m. | 3 views

RHEL 8 : gdk-pixbuf2 (RHSA-2025:14618)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:14618 advisory. The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits suc...

CVSS 7.5 | AI score 7.3 | EPSS 0.00938
Exploits: 0 | References: 5

Tenable Nessus
added 2025/08/31 12:0 a.m. | 1 view

RHEL 8 : gdk-pixbuf2 (RHSA-2025:14646)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:14646 advisory. The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits suc...

CVSS 7.5 | AI score 7.3 | EPSS 0.00938
Exploits: 0 | References: 5

Veracode
added 2025/08/29 4:7 a.m. | 3 views

Integer Overflow

executorch is vulnerable to integer overflow. The vulnerability is due to improper handling in model loading that causes smaller-than-expected memory allocation, which allows an attacker to achieve code execution or other malicious effects...

CVSS 9.8 | AI score 7.8 | EPSS 0.01104
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2025/08/28 8:15 a.m. | 2 views

CVE-2025-58322

NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by invoking arbitrary DLLs due to improper privilege checks...

CVSS 7.8 | AI score 5.9 | EPSS 0.00022
Exploits: 0 | References: 1

Packet Storm News
added 2025/08/27 12:0 a.m. | 14 views

The Art of Hide and Seek: Making Pickle-Based Model Supply Chain Poisoning Stealthy Again

Pickle deserialization vulnerabilities have persisted throughout Python's history, remaining widely recognized yet unresolved. Due to its ability to transparently save and restore complex objects into byte streams, many AI/ML frameworks continue to adopt pickle as the model serialization protocol...

AI score 7.1
Exploits: 0

Tenable Nessus
added 2025/08/27 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2022-0545

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacke...

CVSS 7.8 | AI score 7.2 | EPSS 0.00375
Exploits: 0 | References: 2

Tenable Nessus
added 2025/08/27 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2020-10289

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use of unsafe yaml load. Allows instantiation of arbitrary objects. The flaw itself is caused by an unsafe parsing of YAML values which happens whenever an acti...

CVSS 8.8 | AI score 8.1 | EPSS 0.00802
Exploits: 0 | References: 2

Tenable Nessus
added 2025/08/27 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2019-5051

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2image, version 2.0.4. A missing error handler can lead to a buffer...

CVSS 8.8 | AI score 8.4 | EPSS 0.01381
Exploits: 1 | References: 2

GitHub Security Blog
added 2025/08/26 9:40 p.m. | 5 views

Picklescan is missing detection when calling built-in python library asyncio.unix_events._UnixSubprocessTransport._start

Summary: Using the asyncio.unix_events._UnixSubprocessTransport._start function, which is a built-in Python library function, to execute a remote pickle file. Details: The attack payload executes in the following steps: First, the attacker crafts the payload by calling to...

AI score 7.9
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2025/08/26 9:36 p.m. | 0 views

GHSA-J343-8V2J-FF7W Picklescan is missing detection when calling built-in python idlelib.pyshell.ModifiedInterpreter.runcommand

Summary: Using the idlelib.pyshell.ModifiedInterpreter.runcommand function, which is a built-in Python library function, to execute a remote pickle file. Details: The attack payload executes in the following steps: First, the attacker crafts the payload by calling to...

AI score 7.9
Exploits: 0 | References: 3

GitHub Security Blog
added 2025/08/26 6:39 p.m. | 7 views

Picklescan has a missing detection when calling built-in python library idlelib.calltip.get_entity

Summary: Using the idlelib.calltip.get_entity function, which is a built-in Python library function, to execute a remote pickle file. Details: The attack payload executes in the following steps: First, the attacker crafts the payload by calling to the idlelib.calltip.get_entity function in the __reduce__ method. Then whe...

AI score 7.9
Exploits: 0 | References: 3 | Affected Software: 1

GitHub Security Blog
added 2025/08/26 6:37 p.m. | 3 views

Picklescan has a missing detection when calling built-in python idlelib.autocomplete.AutoComplete.get_entity

Summary: Using idlelib.autocomplete.AutoComplete.get_entity, which is a built-in Python library function, to execute a remote pickle file. Details: The attack payload executes in the following steps: First, the attacker crafts the payload by calling to the idlelib.autocomplete.AutoComplete.get_entity functio...

AI score 7.9
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2025/08/26 6:36 p.m. | 1 view

GHSA-3VG9-H568-4W9M Picklescan has a missing detection when calling built-in python idlelib.debugobj.ObjectTreeItem

Summary: Using idlelib.debugobj.ObjectTreeItem.SetText, which is a built-in Python library function, to execute a remote pickle file. Details: The attack payload executes in the following steps: First, the attacker crafts the payload by calling to the idlelib.debugobj.ObjectTreeItem.SetText function in...

AI score 7.9
Exploits: 0 | References: 3

RedHat Linux
added 2025/08/26 4:55 p.m. | 4 views

Moderate: Red Hat Security Advisory: gdk-pixbuf2 security update

An update for gdk-pixbuf2 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common...

CVSS 7.5 | AI score 6.8 | EPSS 0.00938
Exploits: 0 | References: 2

RedHat Linux
added 2025/08/26 7:30 a.m. | 4 views

Moderate: Red Hat Security Advisory: gdk-pixbuf2 security update

An update for gdk-pixbuf2 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVSS 7.5 | AI score 6.8 | EPSS 0.00938
Exploits: 0 | References: 2