4571 matches found
CVE-2025-53192 Apache Commons OGNL: Expression Injection leading to RCE
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Expression/Command Delimiters vulnerability in Apache Commons OGNL. This issue affects Apache Commons OGNL: all versions. When using the API Ognl.getValue, the OGNL engine parses and evaluates the provided expression with powerful capabilities...
PT-2025-46761
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel's SCTP implementation related to Message Authentication Code (MAC) comparison. The MAC comparison was not performed in constant time, potentially allowing...
Linux Distros Unpatched Vulnerability : CVE-2019-10740
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The...
Linux Distros Unpatched Vulnerability : CVE-2021-41772
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename...
Linux Distros Unpatched Vulnerability : CVE-2018-6152
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to...
Linux Distros Unpatched Vulnerability : CVE-2025-5648
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is the function rconspalinit in the library /libr/cons/pal.c of the...
Linux Distros Unpatched Vulnerability : CVE-2025-3160
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This vulnerability affects the function...
Linux Distros Unpatched Vulnerability : CVE-2018-6129
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds array access in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially perform out of bounds memory access via a...
Linux Distros Unpatched Vulnerability : CVE-2023-49092
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through...
Linux Distros Unpatched Vulnerability : CVE-2022-1193
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in GitLab CE/EE versions 10.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows a malicious actor to obtain details...
Linux Distros Unpatched Vulnerability : CVE-2025-47279
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Undici is an HTTP/1.1 client for Node.js. Prior to versions 5.29.0, 6.21.2, and 7.5.0, applications that use undici to implement a webhook-like system are...
Linux Distros Unpatched Vulnerability : CVE-2022-21488
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.34. Easily...
Linux Distros Unpatched Vulnerability : CVE-2015-1609
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request. CVE-2015-1609 No...
Linux Distros Unpatched Vulnerability : CVE-2017-3645
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.7.18 and earlier. Easily...
Linux Distros Unpatched Vulnerability : CVE-2021-36083
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KDE KImageFormats 5.70.0 through 5.81.0 has a stack-based buffer overflow in XCFImageFormat::loadTileRLE. CVE-2021-36083 Note that Nessus relies on the presence...
Linux Distros Unpatched Vulnerability : CVE-2018-20800
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Open Ticket Request System (OTRS) 5.0.31 and 6.0.13. Users updating to 6.0.13 (also patchlevel updates) or 5.0.31 (only major updates) will...
Linux Distros Unpatched Vulnerability : CVE-2020-27813
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a...
CVE-2025-54472
Unlimited memory allocation in redis protocol parser in Apache bRPC all versions 1.14.1 on all platforms allows attackers to crash the service via network. Root Cause: In the bRPC Redis protocol parser code, memory for arrays or strings of corresponding sizes is allocated based on the integers re...
0day-buffer-overflow-in-exiv2
PoC and patch for heap-buffer-overflow in PngChunk::readRawProf...
WordPress Dropshix plugin <= 4.0.14 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by Vinit Lakra (Patchstack Alliance) in WordPress Plugin Dropshix (versions <= 4.0.14)...