
7 matches found

EUVD
added yesterday, 7 views

EUVD-2026-36726

Impact: multer versions 1.0.0 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service via deeply nested field names in multipart form data. The append-field dependency parses bracket notation in field names with no limit on nesting depth, allowing an attacker to force allocation of...

CVSS 7.5 | AI score 5.3
Exploits: 0 | References: 2

Snyk
added 2026/03/24 12:32 a.m., 4 views

Allocation of Resources Without Limits or Throttling

Overview: activesupport is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in NumberConverter. An attacker can cause excessive memory allocation by...

CVSS 8.7 | AI score 5.8 | EPSS 0.00032
Exploits: 0 | References: 2

OSV
added 2025/06/19 10:15 a.m., 1 views

DEBIAN-CVE-2025-49763

ESI plugin does not have the limit for maximum inclusion depth, and that allows excessive memory consumption if malicious instructions are inserted. Users can use a new setting for the plugin --max-inclusion-depth to limit it. This issue affects Apache Traffic Server: from 10.0.0 through 10.0.5,...

CVSS 7.5 | AI score 5.3 | EPSS 0.04008
Exploits: 0 | References: 1

IBM Security Bulletins
added 2024/06/07 6:1 a.m., 40 views

Security Bulletin: Security fixes available for The IBM® Engineering System Design Rhapsody products on IBM Jazz Technology

Summary: The IBM® Engineering System Design Rhapsody 10.0 iFix001, The IBM® Engineering System Design Rhapsody 9.0.2 iFix002 and The IBM® Engineering System Design Rhapsody 9.0.1 iFix006 contain fixes for vulnerabilities identified in the Vulnerabilities Details section. The referred iFix versio...

CVSS 5.8 | AI score 7.9 | EPSS 0.9026
Exploits: 4 | Affected Software: 1

Prion
added 2024/02/09 11:15 p.m., 26 views

Authentication flaw

Envoy is a high-performance edge/middle/service proxy. External authentication can be bypassed by downstream connections. Downstream clients can force invalid gRPC requests to be sent to ext_authz, circumventing ext_authz checks when failure_mode_allow is set to true. This issue has been addressed in...

CVSS 5 | AI score 7.2 | EPSS 0.00036
Exploits: 0 | References: 2 | Affected Software: 1

Amazon
added 2023/09/25 12:0 a.m., 3 views

Medium: redis

Issue Overview: Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SETRANGE and SORTRO commands can trigger an integer overflow, resulting with Redis attempting to allocate impossible amounts of memory and abort with an out-of-memory OOM panic. The...

CVSS 6.5 | AI score 7.1 | EPSS 0.60647
Exploits: 0

Debian CVE
added 2020/01/28 9:20 p.m., 3 views

CVE-2020-5215

In TensorFlow before 1.15.2 and 2.0.1, converting a string from Python to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker c...

CVSS 7.5 | AI score 6.9 | EPSS 0.00232
Exploits: 1