Lucene search

13 matches found

IBM Security Bulletins
added 2025/06/16 9:17 a.m. | 12 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to improper verification of cryptographic signature due to elliptic ( CVE-2024-48949 )

Summary Potential vulnerabilities in elliptic module CVE-2024-48949 have been identified that may affect IBM Cloud Pak for Data. Vulnerability Details CVEID:CVE-2024-48949 DESCRIPTION: The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits...

CVSS 9.1 | AI score 6.8 | EPSS 0.00292
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/06/05 12:19 p.m. | 23 views

Security Bulletin: IBM Observability with Instana (OnPrem) is affected by multiple security vulnerabilities

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana OnPrem build 1.0.297 Vulnerability Details CVEID:CVE-2023-6918 DESCRIPTION: A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto...

CVSS 8.1 | AI score 9.6 | EPSS 0.54214
Exploits: 4 | Affected Software: 1

Github Security Blog
added 2025/04/29 4:43 p.m. | 16 views

phi4mm: Quadratic Time Complexity in Input Token Processing leads to denial of service

Summary A critical performance vulnerability has been identified in the input preprocessing logic of the multimodal tokenizer. The code dynamically replaces placeholder tokens e.g., , with repeated tokens based on precomputed lengths. Due to inefficient list concatenation operations, the...

CVSS 7.5 | AI score 6.9 | EPSS 0.01523
Exploits: 1 | References: 4 | Affected Software: 1

IBM Security Bulletins
added 2025/04/25 2:14 p.m. | 11 views

Security Bulletin: Vulnerability in Flask affects IBM Cloud Pak for Data System 1.0 (CPDS 1.0)[CVE-2023-30861]

Summary The Flask package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2023-30861. Vulnerability Details CVEID:CVE-2023-30861 DESCRIPTION: Pallets Flask could allow a remote attacker to obtain sensitive information, caused by...

CVSS 7.5 | AI score 6.1 | EPSS 0.00221
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:25 a.m. | 20 views

Security Bulletin: Vulnerability in JsonToBinaryStream() function ( CVE-2024-2410) may affect IBM watsonx Assistant for IBM Cloud Pak for Data

Summary A potential vulnerability CVE-2024-2410 has been identified related to JsonToBinaryStream function that may affect IBM watsonx Assistant for IBM Cloud Pak for Data. This vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-24...

CVSS 9.8 | AI score 7.1 | EPSS 0.0005
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/04/14 10:52 a.m. | 26 views

Security Bulletin: IBM Asset Data Dictionary uses jetty-http-9.4.48.v20220622.jar which is vulnerable to CVE-2024-6763.

Summary IBM Asset Data Dictionary uses jetty-http-9.4.48.v20220622.jar which is vulnerable to CVE-2024-6763. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-6763 DESCRIPTION: Eclipse Jetty is a lightweight, highly scalable,...

CVSS 5.3 | AI score 6.6 | EPSS 0.01189
Exploits: 1 | Affected Software: 1

OSV
added 2025/02/28 5:57 a.m. | 1 views

BELL-CVE-2024-58020

Bulletin has no description...

CVSS 5.5 | AI score 7.5 | EPSS 0.00022
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 12:8 p.m. | 8 views

CVE-2024-52867

guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns e.g., for setuid and setgid programs are properly addressed. The vulnerability can be remediated within the product via certain pull, reconfigure, a...

CVSS 8.1 | AI score 6.7 | EPSS 0.00037
Exploits: 0 | References: 1

Chainguard
added 2024/09/25 9:30 a.m. | 4 views

GHSA-F5FW-25GW-5M92 vulnerabilities

Vulnerabilities for packages: druid, apache-nifi...

AI score 5.4
Exploits: 0

Redos
added 2024/03/13 12:0 a.m. | 12 views

ROS-2-1606

2.1606 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

CVSS 8.8 | AI score 9.3 | EPSS 0.02512
Exploits: 1

Cvelist
added 1976/01/01 12:0 a.m. | 9 views

CVE-2018-3675

...

Exploits: 0

Cvelist
added 1976/01/01 12:0 a.m. | 4 views

CVE-2022-41782

...

Exploits: 0

Cvelist
added 1976/01/01 12:0 a.m. | 7 views

CVE-2022-32581

...

Exploits: 0