
9 matches found

SUSE CVE
added 2025/11/29 12:23 a.m. | 1 view

SUSE CVE-2025-66382

In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time...

CVSS 4 | AI score 6.8 | EPSS 0.0001
Exploits 0 | References 3

OSV
added 2025/11/28 7:15 a.m. | 1 view

UBUNTU-CVE-2025-66382

In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time...

CVSS 5.5 | AI score 5.8 | EPSS 0.0001
Exploits 0 | References 2

CNNVD
added 2025/11/28 12:0 a.m. | 5 views

libexpat security vulnerability

libexpat is a streaming XML parser written in C by the libexpat team. A security vulnerability exists in libexpat 2.7.3 and earlier versions, which stems from specially crafted files that may result in excessive processing times...

CVSS 5.5 | AI score 6.5 | EPSS 0.0001
Exploits 0 | References 1

ATTACKERKB
added 2021/08/18 4:11 p.m. | 3 views

CVE-2021-23424

This affects all versions of package ansi-html. If an attacker provides a malicious string, it will get stuck processing the input for an extremely long time...

CVSS 7.5 | AI score 5.3 | EPSS 0.00574
Exploits 1 | References 4

Veracode
added 2021/03/15 1:24 a.m. | 27 views

Regular Expression Denial Of Service (ReDoS)

ssri is vulnerable to regular expression denial of service. An attacker is able to crash the application by submitting a malicious string when the Integrity metadata is using the strict option. This results in a long processing time which would lead to the application crash...

CVSS 7.5 | AI score 3.2 | EPSS 0.02458
Exploits 1 | References 6 | Affected Software 4

Tenable Nessus
added 2020/01/02 12:0 a.m. | 35 views

EulerOS 2.0 SP8 : python-pillow (EulerOS-SA-2020-1026)

According to the version of the python-pillow packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very lar...

CVSS 7.5 | AI score 6.5 | EPSS 0.03942
Exploits 0 | References 2

OSV
added 2019/10/22 2:40 p.m. | 39 views

GHSA-J7MJ-748X-7P78 DOS attack in Pillow when processing specially crafted image files

An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image...

CVSS 8.7 | AI score 7.4 | EPSS 0.03942
Exploits 0 | References 18

Prion
added 2019/10/04 10:15 p.m. | 17 views

Code injection

An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image...

CVSS 5 | AI score 8.2 | EPSS 0.03942
Exploits 0 | References 11 | Affected Software 2

Veracode
added 2017/09/26 9:49 a.m. | 23 views

Regular Expression Denial Of Service (ReDoS)

mime is vulnerable to regular expression denial of service ReDoS attacks. The library does not restrict the type of characters that it takes in, causing the application to take a long time to process. A malicious user can use this behaviour to cause a ReDoS...

CVSS 7.5 | AI score 7.3 | EPSS 0.00433
Exploits 1 | References 2 | Affected Software 1