CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

UbuntuCve•added 2025/10/29 11:16 p.m.•3 views

CVE-2025-58185

Parsing a maliciously crafted DER payload could allocate large amounts of memory, causing memory exhaustion...

5.3CVSS7.1AI score0.00034EPSS

Exploits0References5

UbuntuCve•added 2025/10/29 11:16 p.m.•1 views

CVE-2025-58183

tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...

4.3CVSS7.1AI score0.00018EPSS

Exploits0References5

UbuntuCve•added 2025/10/29 11:16 p.m.•2 views

CVE-2025-61724

The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...

5.3CVSS7.1AI score0.00023EPSS

Exploits0References5

UbuntuCve•added 2025/10/29 11:16 p.m.•2 views

CVE-2025-58186

Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption...

5.3CVSS7.1AI score0.00041EPSS

Exploits0References5

OSV•added 2021/04/06 7:15 p.m.•14 views

PYSEC-2021-111

projen is a project generation tool that synthesizes project configuration files such as package.json, tsconfig.json, .gitignore, GitHub Workflows, eslint, jest, and more, from a well-typed definition written in JavaScript. Users of projen's NodeProject project type including any project type...

8.1CVSS1.4AI score0.00672EPSS

Exploits0References3

Github Security Blog•added 2021/04/06 6:36 p.m.•243 views

Rebuild-bot workflow may allow unauthorised repository modifications

Impact projen is a project generation tool that synthesizes project configuration files such as package.json, tsconfig.json, .gitignore, GitHub Workflows, eslint, jest, and more, from a well-typed definition written in JavaScript. Users of projen's NodeProject project type including any project...

8.1CVSS1AI score0.00672EPSS

Exploits0References6Affected Software1

Cvelist•added 2021/04/06 6:35 p.m.•16 views

CVE-2021-21423 Exposure of Version-Control Repository to an Unauthorized Control Sphere in projen

6.8CVSS8.4AI score0.00672EPSS

Exploits0References3

CNNVD•added 2021/04/06 12:0 a.m.•0 views

Github projen 安全漏洞

Github projen is a Github open source application. It synthesizes project configuration files. A security vulnerability exists in projen that allows any GitHub user to trigger the execution of untrusted code in the context of the "main" repository...

8.1CVSS8AI score0.00672EPSS

Exploits0References4

Tenable Nessus•added 2012/09/06 12:0 a.m.•29 views

Mandriva Linux Security Advisory : libreoffice (MDVSA-2011:172)

Multiple vulnerabilies has been discovered and corrected in libreoffice : Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted .lwp file CVE-2011-2685. oowriter in OpenOffice.org 3.3.0 and...

9.3CVSS6AI score0.13894EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by