
34 matches found

RedhatCVE
added 2026/05/14 7:58 p.m. | 3 views

CVE-2026-42545

Granian is a Rust HTTP server for Python applications. From 0.2.0 to 2.7.4, Granian aborts a worker process if a WSGI application returns an invalid HTTP response header name or value. The WSGI response conversion path uses .unwrap on both the header name and header value constructors, so malform...

5.9 CVSS | 5.8 AI score | 0.00052 EPSS
Exploits 0 | References 1
Vulnrichment
added 2026/05/12 9:51 p.m. | 4 views

CVE-2026-42545 Granian: DoS via WSGI response header panic

Granian is a Rust HTTP server for Python applications. From 0.2.0 to 2.7.4, Granian aborts a worker process if a WSGI application returns an invalid HTTP response header name or value. The WSGI response conversion path uses .unwrap on both the header name and header value constructors, so malform...

5.9 CVSS | 5.8 AI score | 0.00052 EPSS
Exploits 0 | References 1
CVE
added 2026/05/12 9:51 p.m. | 11 views

CVE-2026-42545

Granian is a Rust HTTP server for Python applications. Vulnerable from 0.2.0 up to 2.7.4, where the WSGI response conversion path uses .unwrap() on header name and value constructors; malformed headers trigger a worker process abort instead of handling the error. This results in a Denial of Servi...

5.9 CVSS | 5.8 AI score | 0.00052 EPSS
Exploits 0 | References 1
OSV
added 2026/05/06 11:38 p.m. | 3 views

GHSA-R5FR-9GMV-JGGH scim_proton and kanidm_proto have an authenticated process abort via SCIM filter stack exhaustion

Summary A single unauthenticated GET to any /scim/v1/... endpoint with a ?filter= query string of a few thousand nested parentheses ≈ 4–12 KB drives the recursive-descent PEG parser past the worker thread's stack guard page. Rust responds to stack overflow with std::process::abort — the entire...

8.7 CVSS | 5.9 AI score
Exploits 0 | References 2
EUVD
added 2026/03/30 9:41 p.m. | 0 views

EUVD-2026-17223

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a malicious RDP server can crash the FreeRDP client by sending audio data in IMA ADPCM format with an invalid initial step index value = 89. The unvalidated step index is read directly from the network and...

6.9 CVSS | 5.8 AI score | 0.00071 EPSS
Exploits 1 | References 2
Vulnrichment
added 2026/03/30 9:41 p.m. | 2 views

CVE-2026-33977 FreeRDP: DoS via WINPR_ASSERT in IMA ADPCM audio decoder (dsp.c:331)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a malicious RDP server can crash the FreeRDP client by sending audio data in IMA ADPCM format with an invalid initial step index value = 89. The unvalidated step index is read directly from the network and...

6.9 CVSS | 5.8 AI score | 0.00071 EPSS
Exploits 1 | References 2
AlpineLinux
added 2026/03/30 9:41 p.m. | 1 views

CVE-2026-33977

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a malicious RDP server can crash the FreeRDP client by sending audio data in IMA ADPCM format with an invalid initial step index value = 89. The unvalidated step index is read directly from the network and...

6.9 CVSS | 5.8 AI score | 0.00071 EPSS
Exploits 1
Tenable Nessus
added 2026/02/04 12:0 a.m. | 5 views

SUSE SLES16 Security Update : glibc (SUSE-SU-2026:20198-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20198-1 advisory. Security fixes: - CVE-2025-0395: Fixed buffer overflow in the assert function (bsc#1236282). - CVE-2026-0861: Fixed inadequate size...

8.4 CVSS | 5.8 AI score | 0.0009 EPSS
Exploits 1 | References 14
SUSE Linux
added 2026/02/03 6:9 p.m. | 3 views

Security update for glibc

This update for glibc fixes the following issues: Security fixes: CVE-2026-0861: Fixed inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766). CVE-2026-0915: Fixed uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822)...

8.5 CVSS | 5.6 AI score | 0.0009 EPSS
Exploits 1 | References 14
NVD
added 2026/01/23 4:15 p.m. | 0 views

CVE-2025-67125

A signed integer overflow in docopt.cpp v0.6.2 (LeafPattern::match in docopt_private.h) when merging occurrence counters (e.g., default LONG_MAX + first user "-v/--verbose") can cause counter wrap (negative/unbounded semantics) and lead to logic/policy bypass in applications that rely on occurrence-based...

4.4 CVSS | 0.0001 EPSS
Exploits 1 | References 2
CVE
added 2026/01/23 12:0 a.m. | 8 views

CVE-2025-67125

CVE-2025-67125: A signed integer overflow in docopt.cpp v0.6.2 (LeafPattern::match in docopt_private.h) occurs when merging occurrence counters (e.g., LONG_MAX + user-supplied -v/--verbose). This can cause counter wrap with negative/unbounded semantics, enabling logic/policy bypass in apps relyin...

4.4 CVSS | 5.6 AI score | 0.0001 EPSS
Exploits 1 | References 2 | Affected Software 1
EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2022-6611

Malicious code in bioql PyPI...

7.5 CVSS | 7.4 AI score | 0.00712 EPSS
Exploits 0 | References 11
RedhatCVE
added 2024/10/09 6:56 p.m. | 10 views

CVE-2024-47763

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

5.5 CVSS | 7 AI score | 0.00007 EPSS
Exploits 0 | References 1
OSV
added 2024/10/09 6:15 p.m. | 1 views

PYSEC-2024-312

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

5.5 CVSS | 5.8 AI score | 0.00007 EPSS
Exploits 0 | References 6
PyPA
added 2024/10/09 6:15 p.m. | 5 views

PYSEC-2024-312

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

5.5 CVSS | 5.8 AI score | 0.00007 EPSS
Exploits 0 | References 6 | Affected Software 1
OSV
added 2024/10/09 6:3 p.m. | 4 views

CVE-2024-47763 Wasmtime runtime crash when combining tail calls with trapping imports

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

5.5 CVSS | 6.8 AI score | 0.00007 EPSS
Exploits 0 | References 8
SUSE CVE
added 2023/02/15 4:8 a.m. | 1 views

SUSE CVE-2019-15604

Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate...

7.5 CVSS | 7.7 AI score | 0.03533 EPSS
Exploits 1 | References 9
SUSE CVE
added 2023/02/15 3:55 a.m. | 1 views

SUSE CVE-2020-16092

In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host, resulting in a denial of service condition in...

3.8 CVSS | 6.7 AI score | 0.00039 EPSS
Exploits 0 | References 19
Prion
added 2022/08/01 10:15 p.m. | 21 views

Design/Logic Flaw

Rust-WebSocket is a WebSocket RFC6455 library written in Rust. In versions prior to 0.26.5 untrusted websocket connections can cause an out-of-memory OOM process abort in a client or a server. The root cause of the issue is during dataframe parsing. Affected versions would allocate a buffer based...

5 CVSS | 7.4 AI score | 0.00712 EPSS
Exploits 0 | References 4 | Affected Software 2
Vulnrichment
added 2022/08/01 9:35 p.m. | 7 views

CVE-2022-35922 Memory allocation based on untrusted length in rust-websocket

Rust-WebSocket is a WebSocket RFC6455 library written in Rust. In versions prior to 0.26.5 untrusted websocket connections can cause an out-of-memory OOM process abort in a client or a server. The root cause of the issue is during dataframe parsing. Affected versions would allocate a buffer based...

7.5 CVSS | 7.5 AI score | 0.00712 EPSS
Exploits 0 | References 4