
7 matches found

OSV
added 2026/03/19 9:31 p.m., 3 views

GHSA-GRR9-747V-XVCP Scriban has an Infinite Recursion during Object Rendering Leads to Stack Overflow and Process Crash (Denial of Service)

When Scriban renders an object that contains a circular reference, it traverses the object's members infinitely. Because the ObjectRecursionLimit property defaults to unlimited, this behavior exhausts the thread's stack space, triggering an uncatchable StackOverflowException that immediately...

7.5 CVSS, 5.9 AI score
Exploits: 0, References: 3
Snyk
added 2026/03/19 9:31 p.m., 1 views

Uncontrolled Recursion

Overview: Scriban.Signed is a fast, powerful, safe and lightweight scripting language and engine for .NET, which was primarily developed for text templating with a compatibility mode for parsing liquid templates. Affected versions of this package are vulnerable to Uncontrolled Recursion due to the...

8.7 CVSS, 5.9 AI score
Exploits: 0, References: 2
Snyk
added 2026/01/28 4:50 p.m., 3 views

Prototype Pollution

Overview: jsonpath is a Query JavaScript objects with JSONPath expressions. Robust / safe JSONPath engine for Node.js. Affected versions of this package are vulnerable to Prototype Pollution via the value function. An attacker can modify the prototype of built-in objects by supplying crafted input...

9.8 CVSS, 6.5 AI score, 0.00089 EPSS
Exploits: 1, References: 2
Vulnrichment
added 2025/07/11 12:0 a.m., 4 views

CVE-2025-53864

Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x before 9.37.4 allows a remote attacker to cause a denial of service via a deeply nested JSON object supplied in a JWT claim set, because of uncontrolled recursion. NOTE: this is independent of the Gson 2.11.0 issue because the Connect2i...

5.8 CVSS, 6.9 AI score, 0.00143 EPSS
Exploits: 0, References: 5
CNNVD
added 2023/07/31 12:0 a.m., 4 views

PTC Kepware KEPServerEX Buffer Error Vulnerability

PTC Kepware KEPServerEX is an industrial automation data connectivity solution from PTC Corporation. A buffer error vulnerability exists in PTC Kepware KEPServerEX versions 6.0 through 6.14.263, which stems from the vulnerability of being easily forced to read recursively defined...

7.5 CVSS, 7.5 AI score, 0.00107 EPSS
Exploits: 0, References: 2
CNNVD
added 2021/09/17 12:0 a.m., 2 views

Cookiex-Deep Security Vulnerability

Cookiex-Deep is a library. It is used to add object recursion to a target. Cookiex-Deep has a security vulnerability that can be exploited by an attacker to cause proto objects to contaminate global proto objects...

9.8 CVSS, 8.2 AI score, 0.005 EPSS
Exploits: 1, References: 4
Snyk
added 2018/09/06 11:29 p.m., 1 views

Denial of Service (DoS)

Overview: Affected versions of this package are vulnerable to Denial of Service (DoS). In Poppler 0.68.0, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. Details: Denial of Service (DoS) describes a family o...

6.5 CVSS, 7.2 AI score, 0.02049 EPSS
Exploits: 1, References: 2