6 matches found

Github Security Blog
added 2025/10/29 3:31 p.m. · 5 views

Jenkins Eggplant Runner Plugin protection mechanism disabled

Jenkins Eggplant Runner Plugin 0.0.1.301.v963cffe8ddb8 and earlier sets the Java system property jdk.http.auth.tunneling.disabledSchemes to an empty value as part of applying a proxy configuration. This disables a protection mechanism of the Java runtime addressing CVE-2016-5597. As of publicatio...

5.9 CVSS · 7.6 AI score · 0.00025 EPSS
Exploits 0 · References 4 · Affected Software 1

OSV
added 2025/08/21 2:24 p.m. · 3 views

GHSA-RXC4-3W6R-4V47 vllm API endpoints vulnerable to Denial of Service Attacks

Summary: A Denial of Service (DoS) vulnerability can be triggered by sending a single HTTP GET request with an extremely large header to an HTTP endpoint. This results in server memory exhaustion, potentially leading to a crash or unresponsiveness. The attack does not require authentication, making ...

7.5 CVSS · 7.1 AI score · 0.00306 EPSS
Exploits 0 · References 5

Github Security Blog
added 2025/08/21 2:24 p.m. · 6 views

vllm API endpoints vulnerable to Denial of Service Attacks

Summary: A Denial of Service (DoS) vulnerability can be triggered by sending a single HTTP GET request with an extremely large header to an HTTP endpoint. This results in server memory exhaustion, potentially leading to a crash or unresponsiveness. The attack does not require authentication, making ...

7.5 CVSS · 7.1 AI score · 0.00306 EPSS
Exploits 0 · References 5 · Affected Software 1

Positive Technologies
added 2025/08/21 12:0 a.m. · 2 views

PT-2025-34225 · Vllm · Vllm

Name of the Vulnerable Software and Affected Versions: vLLM versions 0.1.0 through 0.10.1.0. Description: vLLM is an inference and serving engine for large language models (LLMs). A Denial of Service (DoS) vulnerability can be triggered by sending a single HTTP GET request with an extremely large head...

7.5 CVSS · 7.3 AI score · 0.00306 EPSS
Exploits 0 · References 11

Hacker One
added 2017/10/29 2:12 p.m. · 35 views

Gratipay: Bypassing X-frame options

bypass X-Frame-Options Proxy protection NOT used DomainUsing: gratipay.com Proxy protection NOT used, I can bypass X-Frame-Options header and recreate clickjacking on the whole domain. I see that you don't have a reverse proxy protection this allows all users to proxy your website rather than...

7 AI score
Exploits 0

OpenVAS
added 2005/11/03 12:0 a.m. · 20 views

Boozt index.cgi overflow

It seems that index.cgi from Boozt AdBanner is installed and is vulnerable to a buffer overflow: it doesn't check the length of user supplied variables before copying them to internal arrays. A cracker may exploit this vulnerability to make your web server crash continually or even execute...

7.5 CVSS · 0.2 AI score · 0.02207 EPSS
Exploits 1