Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

73677 matches found

F5 Networks
F5 Networksadded 2026/04/16 11:21 p.m.6 views

K000160853: Multiple Vim vulnerabilities

Security Advisory Description CVE-2026-28417 Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL e.g., using the scp:// protocol handler, an...

7.8CVSS6.5AI score0.00017EPSS
Exploits0
OSV
OSVadded 2026/04/16 10:16 p.m.0 views

DEBIAN-CVE-2026-40170

ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2qlogparameterssettransportparams serializes peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog is enabled, a remote peer can send sufficiently large transport...

7.5CVSS5.7AI score0.00023EPSS
Exploits1References1
CVE
CVEadded 2026/04/16 9:34 p.m.40 views

CVE-2026-40170

ngtcp2 (QUIC) vulnerability: in versions before 1.22.1, ngtcp2_qlog_parameters_set_transport_params() writes peer transport parameters into a fixed 1024-byte stack buffer without bounds checking, enabling a stack buffer overflow when qlog is enabled and large untrusted parameters are received dur...

7.5CVSS6.1AI score0.00023EPSS
Exploits1References3Affected Software1
AlpineLinux
AlpineLinuxadded 2026/04/16 9:34 p.m.0 views

CVE-2026-40170

ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2qlogparameterssettransportparams serializes peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog is enabled, a remote peer can send sufficiently large transport...

7.5CVSS5.7AI score0.00023EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2026/04/16 9:34 p.m.1 views

CVE-2026-40170 ngtcp2 has a qlog transport parameter serialization stack buffer overflow

ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2qlogparameterssettransportparams serializes peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog is enabled, a remote peer can send sufficiently large transport...

7.5CVSS6AI score0.00023EPSS
Exploits1References2
Debian CVE
Debian CVEadded 2026/04/16 9:34 p.m.2 views

CVE-2026-40170

ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2qlogparameterssettransportparams serializes peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog is enabled, a remote peer can send sufficiently large transport...

7.5CVSS5.7AI score0.00023EPSS
Exploits1
Cvelist
Cvelistadded 2026/04/16 9:34 p.m.21 views

CVE-2026-40170 ngtcp2 has a qlog transport parameter serialization stack buffer overflow

ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2qlogparameterssettransportparams serializes peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog is enabled, a remote peer can send sufficiently large transport...

7.5CVSS0.00023EPSS
Exploits1References2
Atlassian
Atlassianadded 2026/04/16 9:26 p.m.17 views

DoS (Denial of Service) net.minidev:json-smart Dependency in Jira Software Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 9.12.1, 10.3.0, and 11.3.0 of Jira Software Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated...

7.5CVSS5.8AI score0.00016EPSS
Exploits1
Snyk
Snykadded 2026/04/16 9:9 p.m.3 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the Utf8GraphQLParser parser. An attacker can cause the application to terminate unexpectedly and disrupt all active services by submitting a crafted GraphQL document with deeply nested selection sets, object...

9.1CVSS5.8AI score0.00047EPSS
Exploits0References2
OSV
OSVadded 2026/04/16 9:9 p.m.4 views

GHSA-QR3M-XW4C-JQW3 ChilliCream GraphQL Platform: Utf8GraphQLParser Stack Overflow via Deeply Nested GraphQL Documents

Impact Hot Chocolate's Utf8GraphQLParser is a recursive descent parser with no recursion depth limit. A crafted GraphQL document with deeply nested selection sets, object values, list values, or list types can trigger a StackOverflowException on payloads as small as 40 KB. Because...

9.1CVSS5.7AI score0.00047EPSS
Exploits0References14
Github Security Blog
Github Security Blogadded 2026/04/16 9:9 p.m.4 views

ChilliCream GraphQL Platform: Utf8GraphQLParser Stack Overflow via Deeply Nested GraphQL Documents

Impact Hot Chocolate's Utf8GraphQLParser is a recursive descent parser with no recursion depth limit. A crafted GraphQL document with deeply nested selection sets, object values, list values, or list types can trigger a StackOverflowException on payloads as small as 40 KB. Because...

9.1CVSS5.7AI score0.00047EPSS
Exploits0References14Affected Software1
RedhatCVE
RedhatCVEadded 2026/04/16 7:22 p.m.2 views

CVE-2026-6196

A vulnerability was detected in Tenda F456 1.0.0.5. This affects the function fromexeCommand of the file /goform/exeCommand. Performing a manipulation of the argument cmdinput results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and...

9CVSS6.3AI score0.0002EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/16 7:22 p.m.2 views

CVE-2026-6168

A flaw has been found in TOTOLINK A7000R up to 9.1.0u.6115. The affected element is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument ssid5g causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been...

9CVSS6.1AI score0.00031EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/04/16 5:52 p.m.4 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in elasticsearch-geo-7.17.13.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in elasticsearch-geo-7.17.13.jar Vulnerability Details CVEID:CVE-2024-52981 DESCRIPTION: An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted string with nested GeometryCollection...

7.5CVSS5.8AI score0.00092EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linuxadded 2026/04/16 2:52 p.m.4 views

dotnet: .NET: Denial of Service via stack overflow

A flaw was found in .NET. A remote attacker could exploit a stack overflow vulnerability during encrypted key nested decryption, leading to a Denial of Service DoS. This could make the affected system unavailable to legitimate users...

7.5CVSS5.8AI score0.00256EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2026/04/16 2:50 p.m.3 views

dotnet: .NET: Denial of Service via stack overflow

A flaw was found in .NET. A remote attacker could exploit a stack overflow vulnerability during encrypted key nested decryption, leading to a Denial of Service DoS. This could make the affected system unavailable to legitimate users...

7.5CVSS5.8AI score0.00256EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2026/04/16 2:48 p.m.2 views

dotnet: .NET: Denial of Service via stack overflow

A flaw was found in .NET. A remote attacker could exploit a stack overflow vulnerability during encrypted key nested decryption, leading to a Denial of Service DoS. This could make the affected system unavailable to legitimate users...

7.5CVSS6.3AI score0.00256EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2026/04/16 2:46 p.m.1 views

dotnet: .NET: Denial of Service via stack overflow

A flaw was found in .NET. A remote attacker could exploit a stack overflow vulnerability during encrypted key nested decryption, leading to a Denial of Service DoS. This could make the affected system unavailable to legitimate users...

7.5CVSS6.3AI score0.00256EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2026/04/16 2:19 p.m.4 views

dotnet: .NET: Denial of Service via stack overflow

A flaw was found in .NET. A remote attacker could exploit a stack overflow vulnerability during encrypted key nested decryption, leading to a Denial of Service DoS. This could make the affected system unavailable to legitimate users...

7.5CVSS5.8AI score0.00256EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2026/04/16 2:14 p.m.4 views

dotnet: .NET: Denial of Service via stack overflow

A flaw was found in .NET. A remote attacker could exploit a stack overflow vulnerability during encrypted key nested decryption, leading to a Denial of Service DoS. This could make the affected system unavailable to legitimate users...

7.5CVSS5.8AI score0.00256EPSS
Exploits0References4
Rows per page
Query Builder