6 matches found

Tenable Nessus
added 2026/05/09 12:0 a.m., 5 views

Unity Linux 20.1060e / 20.1070e Security Update: uriparser (UTSA-2026-017362)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017362 advisory. An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner. Tenable has extracted the preceding...

CVSS 5.5, AI score 5.8, EPSS 0.01131
Exploits 1, References 4
RedhatCVE
added 2026/01/09 8:54 a.m., 3 views

CVE-2021-41260

Galette is a membership management web application built for non profit organizations and released under GPLv3. Versions prior to 0.9.6 do not check for Cross Site Request Forgery attacks. All users are advised to upgrade to 0.9.6 as soon as possible. There are no known workarounds for this issue...

CVSS 8.8, AI score 6.7, EPSS 0.00434
Exploits 0, References 1
Microsoft CVE
added 2025/10/02 6:11 a.m., 2 views

A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secret_hash and the other session_id. Initially, both of them are the same, but after key re-exchange, the previous session_id is kept and used as an input to the new secret_hash. Historically, both of these buffers had a shared length variable, which worked as long as these buffers were the same. But the key re-exchange operation can also change the key exchange method, which can be based on a hash of a different size, eventually creating a "secret_hash" of a different size than the session_id has. This becomes an issue when the session_id memory is zeroed or when it is used again during a second key re-exchange.

...

CVSS 6.5, AI score 7, EPSS 0.04596
Exploits 0
ATTACKERKB
added 2022/01/06 4:15 a.m., 3 views

CVE-2021-46142

An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax...

CVSS 5.5, AI score 6, EPSS 0.01095
Exploits 1, References 9
CNNVD
added 2021/12/16 12:0 a.m., 2 views

Galette SQL injection vulnerability

Galette is a membership management web application built for non-profit organizations and released under the GPLv3. A SQL injection vulnerability exists in versions of Galette prior to 0.9.6. An attacker with "member" privileges could use this vulnerability to launch an SQL injection attack...

CVSS 8.8, AI score 5.9, EPSS 0.01051
Exploits 0, References 2
CNVD
added 2016/05/06 12:0 a.m., 2 views

OpenSSL has an unspecified vulnerability (CNVD-2016-02810)

OpenSSL is an open source, general-purpose cryptographic library developed by the OpenSSL team. It implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols and supports a wide range of cryptographic algorithms including symmetric ciphers, hash...

CVSS 7.5, AI score 9.3, EPSS 0.03137
Exploits 0, References 1