Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

19904 matches found

VulnCheck KEV
VulnCheck KEVadded 2026/01/22 12:0 a.m.3 views

VulnCheck KEV: CVE-2022-31208

An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The webserver contains an endpoint that can execute arbitrary commands by manipulating the cmdstring URL parameter...

9CVSS6AI score0.00606EPSS
In wildExploits1References8
Tenable Nessus
Tenable Nessusadded 2026/01/22 12:0 a.m.1 views

RockyLinux 9 : glib2 (RLSA-2026:0936)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:0936 advisory. glib: Integer overflow in in gescapeuristring CVE-2025-13601 Tenable has extracted the preceding description block directly from the RockyLinux security advisory...

7.7CVSS5.5AI score0.00013EPSS
Exploits1References3
RedhatCVE
RedhatCVEadded 2026/01/21 9:26 p.m.4 views

CVE-2026-21640

HackerOne community member Faraz Ahmed PakCyberbot has reported a format string injection in the Revive Adserver settings. When specific character combinations are used in a setting, the admin user console could be disabled due to a fatal PHP error...

2.7CVSS5.5AI score0.0004EPSS
Exploits0References1
OSV
OSVadded 2026/01/21 8:16 p.m.4 views

DEBIAN-CVE-2025-69209

ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large...

6.9CVSS6.9AI score0.00059EPSS
Exploits0References1
NVD
NVDadded 2026/01/21 8:16 p.m.4 views

CVE-2025-69209

ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large...

6.9CVSS0.00059EPSS
Exploits0References5
OSV
OSVadded 2026/01/21 8:16 p.m.1 views

UBUNTU-CVE-2025-69209

ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large...

6.9CVSS6.7AI score0.00059EPSS
Exploits0References7
Debian CVE
Debian CVEadded 2026/01/21 8:0 p.m.3 views

CVE-2025-69209

ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large...

6.9CVSS6.8AI score0.00059EPSS
Exploits0
CVE
CVEadded 2026/01/21 8:0 p.m.13 views

CVE-2025-69209

The CVE-2025-69209 entry concerns ArduinoCore-avr. A stack-based buffer overflow occurs in earlier releases (versions before 1.8.7) when converting floating-point values to strings with very high precision via dtostrf, writing beyond fixed-size stack buffers, causing memory corruption and potenti...

6.9CVSS6.8AI score0.00059EPSS
Exploits0References5
EUVD
EUVDadded 2026/01/21 8:0 p.m.1 views

EUVD-2025-206313

ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large...

6.9CVSS6.8AI score0.00059EPSS
Exploits0References5
OSV
OSVadded 2026/01/21 8:0 p.m.3 views

CVE-2025-69209 ArduinoCore-avr has Stack-Based Buffer Overflow in WString Float/Double Constructors

ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large...

6.9CVSS6.9AI score0.00059EPSS
Exploits0References7
ATTACKERKB
ATTACKERKBadded 2026/01/21 8:0 p.m.3 views

CVE-2025-69209

ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large...

6.9CVSS6.6AI score0.00059EPSS
Exploits0References6Affected Software1
EUVD
EUVDadded 2026/01/21 7:25 p.m.3 views

EUVD-2026-3780

EVerest is an EV charging software stack. Prior to version 2025.9.0, in several places, integer values are concatenated to literal strings when throwing errors. This results in pointers arithmetic instead of printing the integer value as expected, like most of interpreted languages. This can be...

4.2CVSS5.5AI score0.00027EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2026/01/21 7:25 p.m.2 views

CVE-2026-23955

EVerest is an EV charging software stack. Prior to version 2025.9.0, in several places, integer values are concatenated to literal strings when throwing errors. This results in pointers arithmetic instead of printing the integer value as expected, like most of interpreted languages. This can be...

4.2CVSS5.4AI score0.00027EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/01/21 7:25 p.m.4 views

CVE-2026-23955 EVerest vulnerable to concatenation of strings literal and integers

EVerest is an EV charging software stack. Prior to version 2025.9.0, in several places, integer values are concatenated to literal strings when throwing errors. This results in pointers arithmetic instead of printing the integer value as expected, like most of interpreted languages. This can be...

4.2CVSS5.5AI score0.00027EPSS
Exploits1References1
OSV
OSVadded 2026/01/21 7:25 p.m.4 views

CVE-2026-23955 EVerest vulnerable to concatenation of strings literal and integers

EVerest is an EV charging software stack. Prior to version 2025.9.0, in several places, integer values are concatenated to literal strings when throwing errors. This results in pointers arithmetic instead of printing the integer value as expected, like most of interpreted languages. This can be...

4.2CVSS5.5AI score0.00027EPSS
Exploits1References3
Cvelist
Cvelistadded 2026/01/21 7:25 p.m.14 views

CVE-2026-23955 EVerest vulnerable to concatenation of strings literal and integers

EVerest is an EV charging software stack. Prior to version 2025.9.0, in several places, integer values are concatenated to literal strings when throwing errors. This results in pointers arithmetic instead of printing the integer value as expected, like most of interpreted languages. This can be...

4.2CVSS0.00027EPSS
Exploits1References1
NVD
NVDadded 2026/01/21 6:16 p.m.3 views

CVE-2025-66960

An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via the fs/ggml/gguf.go, function readGGUFV1String reads a string length from untrusted GGUF metadata...

7.5CVSS0.00623EPSS
Exploits1References2
OSV
OSVadded 2026/01/21 6:16 p.m.4 views

PYSEC-2026-102

An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via the fs/ggml/gguf.go, function readGGUFV1String reads a string length from untrusted GGUF metadata...

7.5CVSS5.8AI score0.00623EPSS
Exploits1References2
RedHat Linux
RedHat Linuxadded 2026/01/21 12:11 p.m.3 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.1AI score0.00019EPSS
Exploits2References8
RedHat Linux
RedHat Linuxadded 2026/01/21 10:1 a.m.4 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.1AI score0.00019EPSS
Exploits2References8
Rows per page
Query Builder