
8 matches found

CVE
added 2025/08/21 7:44 p.m. | 14 views

CVE-2025-24489

The CVE-2025-24489 entry concerns INFINITT PACS System Manager with an unrestricted upload of files via a specific endpoint. Connected sources (Red Hat, NVD, CVEList, ICS-CISA) consistently describe an attacker able to upload arbitrary files, potentially enabling system compromise or unauthorized...

CVSS 6.3 | AI score 6.5 | EPSS 0.00035
Exploits: 0 | References: 1

Github Security Blog
added 2025/07/18 7:50 p.m. | 4 views

Wasmtime CLI is vulnerable to host panic through its fd_renumber function

Summary: A bug in Wasmtime's implementation of the WASIp1 set of import functions can lead to a WebAssembly guest inducing a panic in the host embedder. The specific bug is triggered by calling `path_open` after calling `fd_renumber` with either: - two equal argument values - second argument being equal...

CVSS 3.5 | AI score 6.5 | EPSS 0.00379
Exploits: 0 | References: 12 | Affected Software: 2

Vulnrichment
added 2025/07/18 5:10 p.m. | 4 views

CVE-2025-53901 Wasmtime has host panic with `fd_renumber` WASIp1 function

Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.4, 33.0.2, and 34.0.2, a bug in Wasmtime's implementation of the WASIp1 set of import functions can lead to a WebAssembly guest inducing a panic in the host embedder. The specific bug is triggered by calling `path_open` after calling...

CVSS 3.5 | AI score 6.7 | EPSS 0.00379
Exploits: 0 | References: 5

Github Security Blog
added 2025/01/14 4:32 p.m. | 9 views

CVE-2025-0343: Swift ASN.1 can crash when parsing maliciously formed BER/DER

Swift ASN.1 can be caused to crash when parsing certain BER/DER constructions. This crash is caused by a confusion in the ASN.1 library itself which assumes that certain objects can only be provided in either constructed or primitive forms, and will trigger a preconditionFailure if that constrain...

CVSS 7.5 | AI score 6.9 | EPSS 0.00215
Exploits: 0 | References: 4 | Affected Software: 1

Tenable Nessus
added 2023/05/13 12:00 a.m. | 68 views

EulerOS 2.0 SP9 : golang (EulerOS-SA-2023-1869)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a...

CVSS 7.5 | AI score 6.9 | EPSS 0.00226
Exploits: 0 | References: 3

NVD
added 2022/12/28 3:15 a.m. | 9 views

CVE-2020-36562

Due to unchecked type assertions, maliciously crafted messages can cause panics, which may be used as a denial of service vector...

CVSS 7.5 | EPSS 0.00429
Exploits: 1 | References: 2

OSV
added 2021/04/14 8:04 p.m. | 38 views

GO-2021-0061 Denial of service in gopkg.in/yaml.v2

Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector...

CVSS 5.5 | AI score 6 | EPSS 0.00034
Exploits: 1 | References: 2

OpenVAS
added 2014/12/11 12:00 a.m. | 31 views

Debian Security Advisory DSA 3099-1 (dbus - security update)

Simon McVittie discovered that the fix for CVE-2014-3636 was incorrect, as it did not fully address the underlying denial-of-service vector. This update starts the D-Bus daemon as root initially, so that it can properly raise its file descriptor count. In addition, this update reverts the...

CVSS 2.1 | AI score 7.4 | EPSS 0.00096
Exploits: 1 | References: 1