7 matches found

Positive Technologies
added 2026/04/23 12:0 a.m. | 9 views

PT-2026-34592

PsiTransfer is an open source, self-hosted file sharing solution. Prior to version 2.4.3, the upload PATCH flow under /files/:uploadId validates the mounted request path using the still-encoded req.path, but the downstream tus handler later writes using the decoded req.params.uploadId. In...

CVSS 7.5 | AI score 5.8 | EPSS 0.00307
Exploits: 0 | References: 4

Github Security Blog
added 2026/03/31 11:41 p.m. | 6 views

openssl-encrypt: TOTP rate limiter is in-memory only — not shared across workers, lost on restart

Severity: HIGH. Summary: The TOTP brute-force rate limiter in opensslencryptserver/modules/pepper/totp.py at lines 47-98 uses an in-memory defaultdict(list) as a class variable. Affected code (Python): class TOTPRateLimiter: def __init__(self, ...): self.attempts: Dict[str, List[datetime]] = defaultdict(list)...

AI score 5.9
Exploits: 0 | References: 3 | Affected Software: 1

RedHat Linux
added 2025/01/02 9:44 p.m. | 2 views

libreswan: Invalid IKEv2 REKEY proposal causes restart

An assertion failure flaw was found in the Libreswan package that occurs when processing IKEv2 REKEY requests. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notification INVALID_SPI is sent back. The notify payload's protocol ID is copied from...

CVSS 6.5 | AI score 5.8 | EPSS 0.00691
Exploits: 0 | References: 6

OSV
added 2024/04/11 2:15 a.m. | 1 views

DEBIAN-CVE-2024-3652

The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected...

CVSS 6.5 | AI score 6.3 | EPSS 0.008
Exploits: 0 | References: 1

RedHat Linux
added 2022/02/22 3:16 p.m. | 3 views

unbound: symbolic link traversal when writing PID file

A symbolic link traversal vulnerability was found in unbound in the way it writes its PID file while starting up. This flaw allows a local attacker with access to the unbound user to set up a link to another file, owned by root, and make unbound overwrite it during its next restart, destroying th...

CVSS 5.5 | AI score 7.2 | EPSS 0.00484
Exploits: 0 | References: 4

RedHat Linux
added 2021/05/18 2:39 p.m. | 3 views

unbound: symbolic link traversal when writing PID file

A symbolic link traversal vulnerability was found in unbound in the way it writes its PID file while starting up. This flaw allows a local attacker with access to the unbound user to set up a link to another file, owned by root, and make unbound overwrite it during its next restart, destroying th...

CVSS 5.5 | AI score 7.2 | EPSS 0.00484
Exploits: 0 | References: 4

OSV
added 2020/09/09 7:15 p.m. | 3 views

CVE-2020-10050

A vulnerability has been identified in SIMATIC RTLS Locating Manager All versions V2.10.2. The directory of service executables of the affected application could allow a local attacker to include arbitrary commands that are executed with SYSTEM privileges when the system restarts...

CVSS 7.8 | AI score 7.2 | EPSS 0.00286
Exploits: 0 | References: 1