Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

RedhatCVE
RedhatCVEadded 2025/08/20 11:42 p.m.11 views

CVE-2025-9141

A vulnerability was found in vLLM's Qwen3 Coder tool parser. Since this parser uses Python's eval function, it poses a risk of arbitrary code execution. This vulnerability appears during the parameter conversion process when the parser attempts to handle complex data types...

8.8CVSS7.8AI score
Exploits0References4
OSV
OSVadded 2025/08/11 1:51 p.m.3 views

BIT-LIBPYTHON-2021-3177

Python 3.x through 3.9.1 has a buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to cdouble.fromparam. This occurs because sprintf is...

9.8CVSS8.5AI score0.00072EPSS
Exploits1References29
CNNVD
CNNVDadded 2022/06/17 12:0 a.m.1 views

npm pg-native 代码问题漏洞

npm pg-native is a high-performance native binding between node.js and PostgreSQL from US-based npm, using a simple API via libpq. A code issue vulnerability exists in pg-native that stems from the plugin's susceptibility to a denial of service DoS when it attempts to convert the second parameter...

7.5CVSS7.4AI score0.00433EPSS
Exploits1References3
RedHat Linux
RedHat Linuxadded 2021/12/15 2:38 p.m.0 views

resteasy: Error message exposes endpoint class information

A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's parameter value. The...

5.3CVSS7AI score0.00084EPSS
Exploits0References4
Exploit DB
Exploit DBadded 2016/03/23 12:0 a.m.31 views

Adobe Flash - Uninitialized Stack Parameter Access in MovieClip.swapDepths UaF Fix

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=715 The ActionScript parameter conversion in the fix for issue 403 https://code.google.com/p/google-security-research/issues/detail?id=403 can sometimes access a parameter on the native stack that is uninitialized. If: mc.swapDepth...

7.4AI score
Exploits0
0day.today
0day.todayadded 2016/03/23 12:0 a.m.41 views

Adobe Flash - Uninitialized Stack Parameter Access in AsBroadcaster.broadcastMessage UaF Fix

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=717 The ActionScript parameter conversion in the fix for an issue in the December Flash bulletin https://helpx.adobe.com/security/products/flash-player/apsb15-32.html, most likely...

10CVSS0.7AI score0.64525EPSS
Exploits2
Rows per page
Query Builder