Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CVE
CVEadded 2026/04/28 9:11 a.m.6 views

CVE-2025-48431

The CVE-2025-48431 affects Apache Thrift c_glib bindings (c_glib language bindings) prior to 0.23.0. The issue is a Mismatched Memory Management Routines vulnerability that can cause a crash in a c_glib-based Thrift server via specially crafted requests, producing a fatal "+free(): invalid pointe...

7.5CVSS5.3AI score0.00088EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessusadded 2025/09/10 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2019-3564

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Go Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short...

7.5CVSS7.2AI score0.00529EPSS
Exploits0References2
OSV
OSVadded 2024/12/23 6:30 p.m.2 views

GHSA-77PM-W3HX-F8MJ Apache Hive and Spark: CookieSigner exposes the correct signature when message verification fails

Signing cookies is an application security feature that adds a digital signature to cookie data to verify its authenticity and integrity. The signature helps prevent malicious actors from modifying the cookie value, which can lead to security vulnerabilities and exploitation. Apache Hive’s servic...

8.7CVSS5.9AI score0.06462EPSS
Exploits1References10
Cvelist
Cvelistadded 2021/10/25 12:22 p.m.22 views

CVE-2021-38294 Shell Command Injection Vulnerability in Nimbus Thrift Server

A Command Injection vulnerability exists in the getTopologyHistory service of the Apache Storm 2.x prior to 2.2.1 and Apache Storm 1.x prior to 1.2.4. A specially crafted thrift request to the Nimbus server allows Remote Code Execution RCE prior to authentication...

10AI score0.82064EPSS
Exploits4References3
OSV
OSVadded 2019/10/29 7:15 p.m.1 views

DEBIAN-CVE-2019-0210

In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data...

7.5CVSS6.9AI score0.01194EPSS
Exploits0References1
OSV
OSVadded 2019/05/06 4:29 p.m.1 views

UBUNTU-CVE-2019-3558

Python Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook...

7.5CVSS5.8AI score0.00729EPSS
Exploits0References4
OSV
OSVadded 2019/05/06 4:29 p.m.0 views

UBUNTU-CVE-2019-3564

Go Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift...

7.5CVSS7.1AI score0.00529EPSS
Exploits0References5
AlpineLinux
AlpineLinuxadded 2019/05/06 3:15 p.m.25 views

CVE-2019-3564

Go Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift...

7.5CVSS4.1AI score0.00529EPSS
Exploits0References3
Rows per page
Query Builder