Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

NVD
NVDadded 2025/12/11 8:15 p.m.3 views

CVE-2025-36937

In AudioDecoder::HandleProduceRequest of audiodecoder.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

9.8CVSS0.00178EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/12/11 7:35 p.m.17 views

CVE-2025-36937

In AudioDecoder::HandleProduceRequest of audiodecoder.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00178EPSS
Exploits0References1
CVE
CVEadded 2025/12/11 7:35 p.m.17 views

CVE-2025-36937

CVE-2025-36937 affects the AudioDecoder::HandleProduceRequest path in audio_decoder.cc. The issue is an out-of-bounds write caused by an incorrect bounds check, which could enable remote code execution over the network without user interaction or extra privileges. Multiple connected sources (incl...

9.8CVSS7.6AI score0.00178EPSS
Exploits0References1Affected Software1
Github Security Blog
Github Security Blogadded 2022/05/24 4:50 p.m.32 views

Improper Input Validation in Apache Kafka

In Apache Kafka versions between 0.11.0.0 and 2.1.0, it is possible to manually craft a Produce request which bypasses transaction/idempotent ACL validation. Only authenticated clients with Write permission on the respective topics are able to exploit this vulnerability. Users should upgrade to...

8.8CVSS4.5AI score0.00208EPSS
Exploits0References12Affected Software1
OSV
OSVadded 2019/07/11 9:15 p.m.20 views

CVE-2018-17196

In Apache Kafka versions between 0.11.0.0 and 2.1.0, it is possible to manually craft a Produce request which bypasses transaction/idempotent ACL validation. Only authenticated clients with Write permission on the respective topics are able to exploit this vulnerability. Users should upgrade to...

8.8CVSS6.4AI score
Exploits0References11
CVE
CVEadded 2019/07/11 8:37 p.m.254 views

CVE-2018-17196

CVE-2018-17196 (Apache Kafka) : A vulnerability in Kafka versions 0.11.0.0–2.1.0 allows a remote authenticated attacker to bypass transaction/idempotent ACL validation by crafting a Produce request. The issue stems from improper input validation, requiring authenticated clients with Write permiss...

8.8CVSS8.3AI score0.00208EPSS
Exploits0References11Affected Software1
Cvelist
Cvelistadded 2019/07/11 8:37 p.m.21 views

CVE-2018-17196

In Apache Kafka versions between 0.11.0.0 and 2.1.0, it is possible to manually craft a Produce request which bypasses transaction/idempotent ACL validation. Only authenticated clients with Write permission on the respective topics are able to exploit this vulnerability. Users should upgrade to...

6.8AI score0.00208EPSS
Exploits0References11
Rows per page
Query Builder