Skip to main content

Discovery

8 CVEs product

Monthly

CVE-2025-13601 HIGH POC PATCH CISA This Week

Heap-based buffer overflow in GLib's g_escape_uri_string() function allows local attackers to achieve high-integrity and high-availability impacts through integer overflow in escaped string length calculation. The vulnerability affects Red Hat Enterprise Linux 9.0 and 10.0 across multiple architectures (x86_64, ARM64, IBM Z, PowerPC). Vendor patches are available via multiple RHSA advisories. Publicly available exploit code exists, but EPSS score remains extremely low (0.01%, 1st percentile), suggesting minimal real-world exploitation activity despite the availability of technical details.

Buffer Overflow Integer Overflow Codeready Linux Builder Codeready Linux Builder For Ibm Z Systems Codeready Linux Builder For Power Little Endian +26
NVD VulDB
CVSS 3.1
7.7
EPSS
0.0%
CVE-2024-12088 HIGH PATCH This Week

Arbitrary file write outside the intended destination in rsync's client-side `--safe-links` handling allows a malicious or compromised rsync server to bypass the symlink safety check via a path-traversal flaw (CWE-22). The client fails to recursively verify whether a symbolic-link target supplied by the server itself contains a nested symlink, so a controlled server can place files anywhere the rsync process can write. A detailed advisory was published by Google's security-research team (GHSA-p5pg-x43v-mvqj) as part of the January 2025 rsync vulnerability cluster, but the issue is not in CISA KEV and no public exploit identified at time of analysis; EPSS is moderate at 2.89% (86th percentile).

Path Traversal Rsync Discovery Openshift Container Platform Enterprise Linux +15
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
2.9%
CVE-2024-23688 Maven MEDIUM PATCH This Month

Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Discovery
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-48795 LIB MEDIUM POC PATCH THREAT This Month

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 53.6%.

Authentication Bypass Apache Node.js SSH Java +66
NVD GitHub
CVSS 3.1
5.9
EPSS
53.6%
Threat
4.3
CVE-2022-23464 Maven HIGH POC This Week

Nepxion Discovery is a solution for Spring Cloud. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Information Disclosure Java Discovery
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-23463 Maven CRITICAL POC Act Now

Nepxion Discovery is a solution for Spring Cloud. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Java Discovery
NVD GitHub
CVSS 3.1
9.8
EPSS
1.8%
CVE-2020-1712 HIGH PATCH This Week

A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Denial Of Service Memory Corruption Systemd Ceph Storage +5
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2018-11746 CRITICAL Act Now

In Puppet Discovery prior to 1.2.0, when running Discovery against Windows hosts, WinRM connections can fall back to using basic auth over insecure channels if a HTTPS server is not available. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Discovery
NVD
CVSS 3.0
9.8
EPSS
1.4%
EPSS 0% CVSS 7.7
HIGH POC PATCH This Week

Heap-based buffer overflow in GLib's g_escape_uri_string() function allows local attackers to achieve high-integrity and high-availability impacts through integer overflow in escaped string length calculation. The vulnerability affects Red Hat Enterprise Linux 9.0 and 10.0 across multiple architectures (x86_64, ARM64, IBM Z, PowerPC). Vendor patches are available via multiple RHSA advisories. Publicly available exploit code exists, but EPSS score remains extremely low (0.01%, 1st percentile), suggesting minimal real-world exploitation activity despite the availability of technical details.

Buffer Overflow Integer Overflow Codeready Linux Builder +28
NVD VulDB
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Arbitrary file write outside the intended destination in rsync's client-side `--safe-links` handling allows a malicious or compromised rsync server to bypass the symlink safety check via a path-traversal flaw (CWE-22). The client fails to recursively verify whether a symbolic-link target supplied by the server itself contains a nested symlink, so a controlled server can place files anywhere the rsync process can write. A detailed advisory was published by Google's security-research team (GHSA-p5pg-x43v-mvqj) as part of the January 2025 rsync vulnerability cluster, but the issue is not in CISA KEV and no public exploit identified at time of analysis; EPSS is moderate at 2.89% (86th percentile).

Path Traversal Rsync Discovery +17
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Discovery
NVD GitHub VulDB
EPSS 54% 4.3 CVSS 5.9
MEDIUM POC PATCH THREAT This Month

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 53.6%.

Authentication Bypass Apache Node.js +68
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

Nepxion Discovery is a solution for Spring Cloud. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Information Disclosure Java +1
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Nepxion Discovery is a solution for Spring Cloud. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Java Discovery
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Denial Of Service Memory Corruption +7
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Puppet Discovery prior to 1.2.0, when running Discovery against Windows hosts, WinRM connections can fall back to using basic auth over insecure channels if a HTTPS server is not available. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Discovery
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy