Lucene search

7 matches found

Talos
added 6 days ago, 12 views

Internet Systems Consortium BIND DNSSEC DNSKEY Extended Flags denial of service vulnerability

Summary A denial of service vulnerability exists in the DNSSEC DNSKEY Extended Flags functionality of BIND versions: 9.21.21. A specially crafted mirror domain can lead to a denial of service. An attacker can serve a malicious zone to trigger this vulnerability. Confirmed Vulnerable Versions The...

5.7 AI score
Exploits: 0
ATTACKERKB
added 2026/05/06 7:49 p.m., 3 views

CVE-2026-44117

OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in QQBot direct media upload that skips URL validation. Attackers can bypass SSRF protections by sending crafted image URLs to uploadC2CMedia and uploadGroupMedia endpoints to relay unintended requests...

6.3 CVSS, 5.8 AI score, 0.00236 EPSS
Exploits: 0, References: 4
CVE
added 2025/10/28 11:48 a.m., 12 views

CVE-2025-40073

CVE-2025-40073 affects the Linux kernel DRM MSM driver. The issue occurs when validating SSPP for the current plane while it is not yet associated with an SSPP, leading to a NULL pointer dereference in multirect handling. The problem is documented in the kernel patch, and a fix was released (patc...

6.3 AI score, 0.00154 EPSS
Exploits: 0, References: 2
OSV
added 2024/03/26 6:15 p.m., 0 views

UBUNTU-CVE-2024-26649

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the null pointer when load rlc firmware. If the RLC firmware is invalid because of wrong header size, the pointer to the rlc firmware is released in function amdgpu_ucode_request. There will be a null pointer error i...

5.5 CVSS, 6 AI score, 0.00227 EPSS
Exploits: 0, References: 14
Hacker One
added 2022/01/12 10:25 p.m., 26 views

Rocket.Chat: TOTP 2 Factor Authentication Bypass

Summary: Two Factor Authentication can be bypassed when telling the server to use CAS during login. Description: The 2FA Login Handler skips validation when it finds CAS enabled. When the client sends the option among the login request, the login proceeds without validation of a second factor. In...

6.5 CVSS, 0.01216 EPSS
Exploits: 1
CNNVD
added 2021/08/12 12:0 a.m., 4 views

wolfSSL data forgery vulnerability

Wolfssl CyaSSL is a small, portable embedded SSL programming library for use by embedded systems developers from Wolfssl, Inc. in the United States. A security vulnerability exists in wolfSSL that stems from incorrectly skipping OCSP validation under certain circumstances containing extraneous...

5.9 CVSS, 5.3 AI score, 0.00483 EPSS
Exploits: 0, References: 2
RubySec
added 2016/01/25 12:0 a.m., 32 views

Possible Input Validation Circumvention in Active Model

There is a possible input validation circumvention vulnerability in Active Model. This vulnerability has been assigned the CVE identifier CVE-2016-0753. Versions Affected: 4.1.0 and newer Not affected: 4.0.13 and older Fixed Versions: 5.0.0.beta1.1, 4.2.5.1, 4.1.14.1 Impact ------ Code that uses...

5.3 CVSS, 0.9 AI score, 0.07157 EPSS
Exploits: 0, References: 1, Affected Software: 1