
1885 matches found

EUVD
added 2025/10/03 8:7 p.m. | 7 views

EUVD-2023-1284

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.7 | EPSS 0.00318
Exploits: 1 | References: 10

EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2025-20249

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.3 | EPSS 0.00478
Exploits: 0 | References: 1

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2023-0066

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7 | EPSS 0.05085
Exploits: 0 | References: 19

EUVD
added 2025/10/03 8:7 p.m. | 1 views

EUVD-2024-30454

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.4 | EPSS 0.00357
Exploits: 0 | References: 7

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2022-5121

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 4.8 | EPSS 0.00473
Exploits: 0 | References: 9

IBM Security Bulletins
added 2025/09/26 6:32 p.m. | 15 views

Security Bulletin: Vulnerabilities in Netty-codec and Netty-handler might affect IBM Storage Defender Copy Data Management

Summary: IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Netty-codec and Netty-handler. Vulnerabilities include incorrect validation of a specially crafted packet via SslHandler, which can lead to a native crash; the SniHandler can allocate up to 16MB of heap for each chann...

CVSS 7.8 | AI score 6.7 | EPSS 0.9439
Exploits: 22 | Affected Software: 1

CNNVD
added 2025/09/25 12:0 a.m. | 2 views

Rack Security Vulnerability

Rack is a modular Ruby web server interface open-sourced by Rack. A security vulnerability exists in Rack versions prior to 2.2.18, which stems from the fact that Rack::QueryParser enforces the params_limit restriction only on parameters separated by &, but still accepts both & and ; as separators...

CVSS 7.5 | AI score 6.7 | EPSS 0.00228
Exploits: 0 | References: 3

Positive Technologies
added 2025/09/15 12:0 a.m. | 5 views

PT-2025-37567

Name of the Vulnerable Software and Affected Versions: Temporal Server versions prior to 1.26.3; Temporal Server versions prior to 1.27.3; Temporal Server versions prior to 1.28.1. Description: Insufficiently specific bounds checking on the authorization header could lead to denial of service in the...

CVSS 9.9 | AI score 6.4 | EPSS 0.50933
Exploits: 20 | References: 48

OSV
added 2025/09/12 1:16 a.m. | 1 views

CVE-2025-58754 Axios is vulnerable to DoS attack through lack of data size check

Axios is a promise based HTTP client for the browser and Node.js. When Axios starting in version 0.28.0 and prior to versions 0.30.2 and 1.12.0 runs on Node.js and is given a URL with the data: scheme, it does not perform HTTP. Instead, its Node http adapter decodes the entire payload into memory...

CVSS 7.5 | AI score 6.2 | EPSS 0.0034
Exploits: 1 | References: 10

NVD
added 2025/09/10 6:15 p.m. | 6 views

CVE-2025-8696

If an unauthenticated user sends a large amount of data to the Stork UI, it may cause memory and disk use problems for the system running the Stork server. This issue affects Stork versions 1.0.0 through 2.3.0...

CVSS 7.5 | EPSS 0.00226
Exploits: 0 | References: 2

Tenable Nessus
added 2025/09/10 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2022-41846

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - An issue was discovered in Bento4 1.6.0-639. There is excessive memory consumption in the function AP4_DataBuffer::ReallocateBuffer in Core/Ap4DataBuffer.cpp...

CVSS 5.5 | AI score 6.1 | EPSS 0.00126
Exploits: 1 | References: 2

CNNVD
added 2025/09/10 12:0 a.m. | 2 views

ISC Stork Security Vulnerability

ISC Stork is a web management platform for the ISC organization. A security vulnerability exists in ISC Stork version 2.3.0 and earlier, which stems from the fact that a large amount of data sent by an unauthenticated user could lead to memory and disk usage issues...

CVSS 7.5 | AI score 6.5 | EPSS 0.00226
Exploits: 0 | References: 2

Positive Technologies
added 2025/09/10 12:0 a.m. | 3 views

PT-2025-37086

Name of the Vulnerable Software and Affected Versions: Stork versions 1.0.0 through 2.3.0 Description: An unauthenticated user sending a large amount of data to the Stork UI may cause memory and disk usage problems on the system running the Stork server. Recommendations: For versions 1.0.0 throug...

CVSS 7.5 | AI score 6.5 | EPSS 0.00226
Exploits: 0 | References: 6

Tenable Nessus
added 2025/09/10 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-40736

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - An issue was discovered in Bento4 1.6.0-639. There is excessive memory consumption in AP4_CttsAtom::Create in Core/Ap4CttsAtom.cpp. CVE-2022-40736 Note that Ness...

CVSS 6.5 | AI score 6.7 | EPSS 0.00403
Exploits: 1 | References: 2

Positive Technologies
added 2025/09/09 12:0 a.m. | 2 views

PT-2025-46736

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw related to orphan file size verification in the ext4 filesystem. An orphan file could be arbitrarily large, potentially leading to excessive memory...

CVSS 3.8 | AI score 7.5 | EPSS 0.00046
Exploits: 0

Debian
added 2025/09/08 1:26 p.m. | 6 views

[SECURITY] [DLA 4295-1] libhtp security update

Debian LTS Advisory DLA-4295-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk September 08, 2025 https://wiki.debian.org/LTS ...

CVSS 7.5 | AI score 7.7 | EPSS 0.005
Exploits: 2

RedhatCVE
added 2025/08/30 6:21 p.m. | 3 views

CVE-2025-43960

Adminer 4.8.1, when using Monolog for logging, allows a Denial of Service (memory consumption) via a crafted serialized payload (e.g., using s:1000000000), leading to a PHP Object Injection issue. Remote, unauthenticated attackers can trigger this by sending a malicious serialized object, which force...

CVSS 8.6 | AI score 7 | EPSS 0.00508
Exploits: 2 | References: 1

OSV
added 2025/08/30 8:51 a.m. | 1 views

BIT-VAULT-2025-6203 Vault unauthenticated denial of service through complex json payload

A malicious user may submit a specially-crafted complex payload that otherwise meets the default request size limit which results in excessive memory and CPU consumption of Vault. This may lead to a timeout in Vault’s auditing subroutine, potentially resulting in the Vault server to become...

CVSS 7.5 | AI score 6.5 | EPSS 0.00132
Exploits: 0 | References: 2

OSV
added 2025/08/29 2:52 p.m. | 1 views

GO-2025-3897 CRI-O has Potential High Memory Consumption from File Read in github.com/cri-o/cri-o

CRI-O has Potential High Memory Consumption from File Read in github.com/cri-o/cri-o...

CVSS 5.7 | AI score 7.1 | EPSS 0.00069
Exploits: 0 | References: 4

Github Security Blog
added 2025/08/28 9:31 p.m. | 11 views

HashiCorp Vault Community Edition Denial of Service Through Complex JSON Payloads

A malicious user may submit a specially-crafted complex payload that otherwise meets the default request size limit which results in excessive memory and CPU consumption of Vault. This may lead to a timeout in Vault’s auditing subroutine, potentially resulting in the Vault server to become...

CVSS 7.5 | AI score 6.8 | EPSS 0.00132
Exploits: 0 | References: 5 | Affected Software: 1