Lucene search

10 matches found

OSV
added 2026/02/02 8:50 p.m., 2 views

GHSA-M7J5-R2P5-C39R picklescan vulnerable to arbitrary file create using logging.FileHandler

Summary: Unsafe pickle deserialization allows unauthenticated attackers to perform Arbitrary File Creation. By chaining the logging.FileHandler class, an attacker can bypass RCE-focused blocklists to create empty files on the server. The vulnerability allows creating zero-byte files in arbitrary...

CVSS 6.9, AI score 5.8
Exploits: 0, References: 5
EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2005-1126

Malware in sbrugna...

CVSS 5, AI score 6.2, EPSS 0.00763
Exploits: 0, References: 5
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2011-3118

Malware in sbrugna...

CVSS 5.9, AI score 5.6, EPSS 0.00163
Exploits: 0, References: 2
RedhatCVE
added 2025/02/27 4:11 a.m., 15 views

CVE-2025-27145

copyparty, a portable file server, has a DOM-based cross-site scripting vulnerability in versions prior to 1.16.15. The vulnerability is considered low-risk. By handing someone a maliciously-named file, and then tricking them into dragging the file into copyparty's Web-UI, an attacker could execu...

CVSS 6.1, AI score 6.5, EPSS 0.00297
Exploits: 1, References: 1
Snyk
added 2025/02/25 2:40 a.m., 1 views

Cross-site Scripting (XSS)

Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the drag-drop action on the Web-UI. An attacker can execute arbitrary JavaScript with the same privileges as the user by tricking them into dragging a maliciously-named, zero-byte file into the interface...

CVSS 6.1, AI score 5.5, EPSS 0.00297
Exploits: 1, References: 2
NVD
added 2019/04/22 4:29 p.m., 13 views

CVE-2011-3151

The Ubuntu SELinux initscript before version 1:0.10 used touch to create a lockfile in a world-writable directory. If the OS kernel does not have symlink protections then an attacker can cause a zero byte file to be allocated on any writable filesystem...

CVSS 5.9, AI score 5.2, EPSS 0.00163
Exploits: 0, References: 1
Veracode
added 2018/04/18 5:40 a.m., 11 views

Denial Of Service Through Stack Buffer Overflow

libiniparser.so is vulnerable to denial of service (DoS) through a stack-based buffer overflow. The vulnerability exists in iniparser_load of iniparser.c and occurs when parsing a zero-byte file, causing a denial of service (DoS) attack...

AI score 6.5
Exploits: 0
NVD
added 2005/05/02 4:00 a.m., 14 views

CVE-2005-1123

Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service (memory corruption) via a request for a zero byte file...

CVSS 5, AI score 6.5, EPSS 0.00763
Exploits: 0, References: 4
Tenable Nessus
added 2005/04/16 12:00 a.m., 25 views

GLSA-200504-14 : monkeyd: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200504-14 (monkeyd: Multiple vulnerabilities). Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a double expansion error in monkeyd, resulting in a format string vulnerability. Ciaran McCreesh of Gentoo Linux discover...

CVSS 7.5, AI score 6.1, EPSS 0.01881
Exploits: 0, References: 3
NVD
added 2001/11/13 5:00 a.m., 17 views

CVE-2001-1415

vi.recover in OpenBSD before 3.1 allows local users to remove arbitrary zero-byte files, such as device nodes...

CVSS 4.6, AI score 6.4, EPSS 0.00525
Exploits: 0, References: 3