Lucene search

7 matches found

EUVD
added 2026/04/24 8:0 a.m., 0 views

EUVD-2026-25408

Tempo queries with large limits can cause large memory allocations which can impact the availability of the service, depending on its deployment strategy. Mitigation can be done by setting maxresultlimit in the search config, e.g. to 262144 (2^18)...

CVSS 7.5, AI score 5.2, EPSS 0.00018
Exploits: 0, References: 1
IBM Security Bulletins
added 2026/04/07 11:2 a.m., 2 views

Security Bulletin: SQL Injection Vulnerability in Apache Hive Metastore Server Thrift APIs, affects watsonx.data

Summary: Apache Hive versions 4.1.0 before 4.2.0 are vulnerable to SQL injection in Hive Metastore Server when handling delete column statistics via Thrift APIs. Exploitation is limited to authorized users with API access. Upgrading to 4.2.0 or disabling direct SQL (metastore.try.direct.sql=false)...

CVSS 5.4, AI score 5.9, EPSS 0.0012
Exploits: 0, Affected Software: 1
OSV
added 2026/01/27 12:0 a.m., 0 views

UBUNTU-CVE-2025-66199

Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...

CVSS 5.9, AI score 6.8, EPSS 0.00114
Exploits: 1, References: 3
Positive Technologies
added 2026/01/21 12:0 a.m., 3 views

PT-2026-3852

EVerest is an EV charging software stack. In all versions up to and including 2025.12.1, the default value for terminate connection on failed response is False, which leaves the responsibility for session and connection termination to the EV. In this configuration, any errors encountered by the...

CVSS 4.3, AI score 5.3, EPSS 0.00033
Exploits: 0, References: 2
OSV
added 2025/10/27 8:46 p.m., 0 views

GHSA-Q8HQ-4H99-FJ7X Keycloak TLS Client-Initiated Renegotiation Denial of Service

Keycloak is vulnerable to a Denial of Service (DoS) attack due to the default JDK setting that permits Client-Initiated Renegotiation in TLS 1.2. An unauthenticated remote attacker can repeatedly initiate TLS renegotiation requests to exhaust server CPU resources, making the service unavailable...

CVSS 7.5, AI score 6, EPSS 0.00105
Exploits: 0, References: 11
OSV
added 2022/03/02 11:15 p.m., 1 views

DEBIAN-CVE-2021-3677

A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include...

CVSS 6.5, AI score 7.1, EPSS 0.00284
Exploits: 0, References: 1
OSV
added 2021/12/14 9:7 p.m., 0 views

GHSA-MF4F-J588-5XM8 Apache Log4j Remote Code Execution

Impact: Opencast uses an Apache Log4j2 version which, combined with older JDK versions, can be used for remote code execution attacks which have been found to be actively exploited. Apache Log4j2 =2.14.1 JNDI features is not sufficiently protected. An attacker who can control log messages or log...

CVSS 10, AI score 7.8, EPSS 0.94358
Exploits: 341, References: 6