Filter
AND
Apache ShiroApache Shiro before 1.12.0, or 2.0.0-alpha-3, may be susceptible to a path traversal attack when used together with APIs or other web frameworks that route requests based on non-normalized requests.
9.8
First published (updated )
redhat/jenkinsStack exhaustion in json-smart leads to denial of service when parsing malformed JSON
7.5
First published (updated )
Node.jsHackerOne: CVE-2023-32002 Node.js `Module._load()` policy Remote Code Execution Vulnerability
9.8
First published (updated )
npm/wsDenial of service when handling a request with many HTTP headers in ws
7.5
First published (updated )
IBM Planning AnalyticsIBM Planning Analytics file upload
8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
IBM Planning AnalyticsIBM Planning Analytics file upload
8
First published (updated )
IBM Planning AnalyticsIBM Planning Analytics Remote Code Execution Vulnerability
First published (updated )
ubuntu/redis`HINCRBYFLOAT` can be used to crash a redis-server process
6.5
First published (updated )
F5 BIG-IP and BIG-IQ Centralized ManagementApache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request
7.5
First published (updated )
IBM Planning AnalyticsInput Validation, Command Injection
7.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache CouchDBRemote Code Execution Vulnerability in Packaging
First published (updated )
IBM Planning AnalyticsRejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with…
9.8
First published (updated )
IBM Planning AnalyticsIn Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource con…
7.5
First published (updated )
ubuntu/redisRedis Unix-domain socket may have be exposed with the wrong permissions for a short time window.
3.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
ubuntu/redisHeap overflow issue with the Lua cjson library used by Redis
8.8
First published (updated )
RedisInteger overflow in multiple Redis commands can lead to denial-of-service
5.5
First published (updated )
ubuntu/redisInteger overflow in certain command arguments can drive Redis to OOM panic
5.5
First published (updated )
ubuntu/redisRedis string pattern matching can be abused to achieve Denial of Service
5.5
First published (updated )
ubuntu/redisInteger Overflow in several Redis commands can lead to denial of service.
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
IBM Planning AnalyticsIBM Planning Analytics Local cross-site scripting
6.4
First published (updated )
redhat/dotnet6.0Improper Removal of Sensitive Information Before Storage or Transfer in eventsource/eventsource
9.3
First published (updated )
IBM Planning AnalyticsThe Bouncy Castle Crypto Package For Java could allow a remote attacker to bypass security restricti…
5.3
EPSS
0.04%
First published (updated )
F5 BIG-IP and BIG-IQ Centralized ManagementApache HTTP Server: mod_rewrite proxy handler substitution
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
IBM Planning AnalyticsIBM Planning Analytics Local cross-site scripting
5.4
First published (updated )
IBM Planning AnalyticsIBM Planning Analytics Local cross-site scripting
6.4
First published (updated )
IBM Planning AnalyticsImproper handling of filenames in Content-Disposition HTTP header in github.com/gin-gonic/gin
7.5
First published (updated )
redhat/golangMemory exhaustion in QUIC connection handling in crypto/tls
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.