Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

11955 matches found

OSV
OSVadded 2026/02/13 10:16 p.m.3 views

CVE-2025-70954

A Null Pointer Dereference vulnerability exists in the TON Virtual Machine TVM within the TON Blockchain before v2025.06. The issue is located in the execution logic of the INMSGPARAM instruction, where the program fails to validate if a specific pointer is null before accessing it. By sending a...

7.5CVSS5.8AI score
Exploits0References5
OSV
OSVadded 2026/02/13 10:16 p.m.3 views

CVE-2025-70956

A State Pollution vulnerability was discovered in the TON Virtual Machine TVM before v2025.04. The issue exists in the RUNVM instruction logic VmState::runchildvm, which is responsible for initializing child virtual machines. The operation moves critical resources specifically libraries and log...

7.5CVSS5.9AI score
Exploits0References4
OSV
OSVadded 2026/02/13 10:16 p.m.6 views

CVE-2025-70955

A Stack Overflow vulnerability was discovered in the TON Virtual Machine TVM before v2024.10. The vulnerability stems from the improper handling of vmstate and continuation jump instructions, which allow for continuous dynamic tail calls. An attacker can exploit this by crafting a smart contract...

7.5CVSS5.9AI score
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/02/13 8:51 p.m.8 views

CVE-2026-26335

Calero VeraSMART versions prior to 2022 R1 use static ASP.NET/IIS machineKey values configured for the VeraSMART web application and stored in C:\Program Files x86\Veramark\VeraSMART\WebRoot\web.config. An attacker who obtains these keys can craft a valid ASP.NET ViewState payload that passes...

9.3CVSS6.6AI score0.02806EPSS
Exploits3References3
Vulnrichment
Vulnrichmentadded 2026/02/13 8:51 p.m.8 views

CVE-2026-26335 Calero VeraSMART < 2022 R1 Static IIS Machine Keys Enable ViewState RCE

Calero VeraSMART versions prior to 2022 R1 use static ASP.NET/IIS machineKey values configured for the VeraSMART web application and stored in C:\Program Files x86\Veramark\VeraSMART\WebRoot\web.config. An attacker who obtains these keys can craft a valid ASP.NET ViewState payload that passes...

9.3CVSS6.6AI score0.02806EPSS
Exploits3References2
CVE
CVEadded 2026/02/13 8:51 p.m.26 views

CVE-2026-26335

CVE-2026-26335 affects Calero VeraSMART web applications running on IIS where VeraSMART versions prior to 2022 R1 store static machineKey values in web.config. The static keys allow an attacker to craft a valid ASP.NET ViewState payload, bypassing integrity checks and enabling server-side deseria...

9.8CVSS6.6AI score0.02806EPSS
Exploits3References2Affected Software1
NVD
NVDadded 2026/02/13 12:16 a.m.4 views

CVE-2024-21961

Improper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service attack against the host resulting in loss of availability...

6CVSS0.00307EPSS
Exploits0References2
CVE
CVEadded 2026/02/13 12:0 a.m.9 views

CVE-2025-70955

The TON Virtual Machine (TVM) vulnerability CVE-2025-70955 affects TVM versions prior to 2024.10. Root cause: improper handling of vmstate and continuation jump instructions, allowing continuous dynamic tail calls. An attacker can craft a smart contract with deeply nested jump logic, leading to n...

7.5CVSS5.9AI score0.00604EPSS
Exploits0References4
CNNVD
CNNVDadded 2026/02/13 12:0 a.m.2 views

Calero VeraSMART 安全漏洞

Calero VeraSMART is a telephone billing software developed by the American company Calero. Versions of Calero VeraSMART prior to 2022 R1 contained security vulnerabilities. These vulnerabilities stemmed from the use of static ASP.NET/IIS machineKey values, which could allow attackers to construct...

9.8CVSS6.2AI score0.02806EPSS
Exploits3References3
CNNVD
CNNVDadded 2026/02/13 12:0 a.m.3 views

TON 安全漏洞

TON is a blockchain software developed under open source. Versions of TON prior to v2025.06 contained security vulnerabilities. These vulnerabilities stemmed from empty pointer dereferences in the TON Virtual Machine, which could allow attackers to cause verification nodes to crash through...

7.5CVSS5.8AI score0.00554EPSS
Exploits0References4
CNNVD
CNNVDadded 2026/02/13 12:0 a.m.4 views

TON 安全漏洞

TON is a blockchain software developed under open source. Versions of TON prior to v2025.04 contained security vulnerabilities. These vulnerabilities stemmed from state pollution in the RUNVM instruction logic, which could lead to corruption of the parent virtual machine’s state...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/02/13 12:0 a.m.22 views

CVE-2025-70956

A State Pollution vulnerability was discovered in the TON Virtual Machine TVM before v2025.04. The issue exists in the RUNVM instruction logic VmState::runchildvm, which is responsible for initializing child virtual machines. The operation moves critical resources specifically libraries and log...

0.00455EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/02/13 12:0 a.m.2 views

CVE-2025-70956

A State Pollution vulnerability was discovered in the TON Virtual Machine TVM before v2025.04. The issue exists in the RUNVM instruction logic VmState::runchildvm, which is responsible for initializing child virtual machines. The operation moves critical resources specifically libraries and log...

5.9AI score0.00455EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/02/13 12:0 a.m.26 views

CVE-2025-70955

A Stack Overflow vulnerability was discovered in the TON Virtual Machine TVM before v2024.10. The vulnerability stems from the improper handling of vmstate and continuation jump instructions, which allow for continuous dynamic tail calls. An attacker can exploit this by crafting a smart contract...

0.00604EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/02/13 12:0 a.m.19 views

CVE-2025-70954

A Null Pointer Dereference vulnerability exists in the TON Virtual Machine TVM within the TON Blockchain before v2025.06. The issue is located in the execution logic of the INMSGPARAM instruction, where the program fails to validate if a specific pointer is null before accessing it. By sending a...

0.00554EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/02/13 12:0 a.m.4 views

PT-2026-8029

Name of the Vulnerable Software and Affected Versions TON Virtual Machine TVM versions prior to 2025.04 Description A state pollution issue exists in the TON Virtual Machine TVM due to non-atomic resource handling within the RUNVM instruction logic, specifically in the VmState::run child vm...

5.7AI score0.00455EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2026/02/13 12:0 a.m.4 views

PT-2026-8036

Name of the Vulnerable Software and Affected Versions TON Virtual Machine versions prior to 2024.10 Description A Stack Overflow issue exists in the TON Virtual Machine TVM. The root cause is the improper handling of vmstate and continuation jump instructions, leading to continuous dynamic tail...

5.8AI score0.00604EPSS
Exploits0References7
ATTACKERKB
ATTACKERKBadded 2026/02/13 12:0 a.m.4 views

CVE-2025-70957

A Denial of Service DoS vulnerability was discovered in the TON Lite Server before v2024.09. The vulnerability arises from the handling of external arguments passed to locally executed "get methods." An attacker can inject a constructed Continuation object an internal TVM type that is normally...

5.7AI score0.00339EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/02/13 12:0 a.m.3 views

CVE-2025-70954

A Null Pointer Dereference vulnerability exists in the TON Virtual Machine TVM within the TON Blockchain before v2025.06. The issue is located in the execution logic of the INMSGPARAM instruction, where the program fails to validate if a specific pointer is null before accessing it. By sending a...

5.8AI score0.00554EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/02/13 12:0 a.m.3 views

CVE-2025-70954

A Null Pointer Dereference vulnerability exists in the TON Virtual Machine TVM within the TON Blockchain before v2025.06. The issue is located in the execution logic of the INMSGPARAM instruction, where the program fails to validate if a specific pointer is null before accessing it. By sending a...

5.8AI score0.00554EPSS
Exploits0References4
Rows per page
Query Builder