Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

UbuntuCve
UbuntuCveadded 2025/10/29 11:16 p.m.3 views

CVE-2025-58185

Parsing a maliciously crafted DER payload could allocate large amounts of memory, causing memory exhaustion...

5.3CVSS7.1AI score0.00481EPSS
Exploits0References5
UbuntuCve
UbuntuCveadded 2025/10/29 11:16 p.m.3 views

CVE-2025-58188

Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arbitrary certificate chains...

7.5CVSS7AI score0.00344EPSS
Exploits0References5
UbuntuCve
UbuntuCveadded 2025/10/29 11:16 p.m.3 views

CVE-2025-58189

When Conn.Handshake fails during ALPN negotiation the error contains attacker controlled information the ALPN protocols sent by the client which is not escaped...

5.3CVSS7.1AI score0.00405EPSS
Exploits0References5
UbuntuCve
UbuntuCveadded 2025/09/22 9:15 p.m.2 views

CVE-2025-47910

When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections...

5.4CVSS7.1AI score0.00312EPSS
Exploits0References5
UbuntuCve
UbuntuCveadded 2025/06/11 5:15 p.m.7 views

CVE-2025-22874

Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon...

7.5CVSS6.9AI score0.00311EPSS
Exploits0References1
UbuntuCve
UbuntuCveadded 2025/03/12 7:15 p.m.14 views

CVE-2025-22870

Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NOPROXY environment variable is set to ".example.com", a request to "::1%25.example.com:80 will incorrectly match and not be proxied...

4.4CVSS6.7AI score0.0035EPSS
Exploits2References4
UbuntuCve
UbuntuCveadded 2025/02/06 5:15 p.m.10 views

CVE-2025-22866

Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Due to the way this function is used, we do not believe this leakage is enough to allow recovery of the private...

4CVSS6.8AI score0.00258EPSS
Exploits0References10
UbuntuCve
UbuntuCveadded 2025/01/28 2:15 a.m.13 views

CVE-2024-45336

The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however,...

6.1CVSS6.8AI score0.0062EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2025/01/28 12:0 a.m.9 views

CVE-2025-22865

Using ParsePKCS1PrivateKey to parse a RSA key that is missing the CRT values would panic when verifying that the key is well formed...

7.5CVSS7AI score0.00562EPSS
Exploits0References4
UbuntuCve
UbuntuCveadded 2024/09/06 9:15 p.m.5 views

CVE-2024-34156

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...

7.5CVSS6.9AI score0.01127EPSS
Exploits0References10
Rows per page
Query Builder