CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-34063

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.04696EPSS

Exploits1References1

NVD•added 2024/11/29 8:15 a.m.•21 views

CVE-2024-11481

A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API. This leads to improper handling of path traversal, insecure forwarding to an AJP backend without adequate validation, and lack of authentication for accessing internal API endpoints...

8.2CVSS0.00413EPSS

Exploits0References1

NVD•added 2024/11/29 8:15 a.m.•9 views

CVE-2024-11482

A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API and enables remote code execution through command injection, executed as the root user...

9.8CVSS0.04696EPSS

Exploits1References2

Cvelist•added 2024/11/29 7:3 a.m.•18 views

CVE-2024-11482

A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API and enables remote code execution through command injection, executed as the root user...

9.8CVSS0.04696EPSS

Exploits1References1

Vulnrichment•added 2024/11/29 7:3 a.m.•16 views

CVE-2024-11482

A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API and enables remote code execution through command injection, executed as the root user...

9.8CVSS8.1AI score0.04696EPSS

Exploits1References1

CVE•added 2024/11/29 7:3 a.m.•104 views

CVE-2024-11482

CVE-2024-11482 affects Trellix Enterprise Security Manager (ESM) 11.6.10. Multiple sources confirm unauthenticated access to the internal Snowservice API, enabling remote code execution via command injection with root privileges. CVSSv3.1 data: Network attack vector, Low attack complexity, No pri...

9.8CVSS8.2AI score0.04696EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2024/11/29 7:1 a.m.•11 views

CVE-2024-11481

8.2CVSS7.3AI score0.00413EPSS

Exploits0References1

CVE•added 2024/11/29 7:1 a.m.•87 views

CVE-2024-11481

CVE-2024-11481 concerns Trellix Enterprise Security Manager (ESM) 11.6.10. The issue enables unauthenticated access to the internal Snowservice API, with improper path traversal handling and insecure forwarding to an AJP backend, lacking authentication for internal API endpoints. Documents indica...

8.2CVSS7.3AI score0.00413EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/11/29 7:1 a.m.•20 views

CVE-2024-11481

8.2CVSS0.00413EPSS

Exploits0References1

Positive Technologies•added 2024/11/29 12:0 a.m.•3 views

PT-2024-9162 · Trellix · Trellix Enterprise Security Manager

Name of the Vulnerable Software and Affected Versions: Trellix Enterprise Security Manager version 11.6.10 Description: A vulnerability in Trellix Enterprise Security Manager allows unauthenticated access to the internal Snowservice API and enables remote code execution through command injection,...

10CVSS8.8AI score0.04696EPSS

Exploits1References17

CNVD•added 2019/05/30 12:0 a.m.•1 views

GitLab CE and EE Incorrect Access Control Vulnerability

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An access control error vulnerability exists in GitLab...

9.8CVSS6.7AI score0.00228EPSS

Exploits0References1

UbuntuCve•added 2019/05/29 5:29 p.m.•18 views

CVE-2019-9221

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control issue 3 of 5...

5.5CVSS6.4AI score0.00024EPSS

Exploits0References2

OSV•added 2019/05/29 5:29 p.m.•13 views

CVE-2019-9485

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Insecure Permissions...

9.8CVSS6.5AI score

Exploits0References2

OSV•added 2019/05/29 4:29 p.m.•17 views

CVE-2019-9218

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control issue 1 of 5...

9.8CVSS6.6AI score

Exploits0References1

CNVD•added 2019/04/22 12:0 a.m.•1 views

GitLab Authorization Issues Vulnerability

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An authorization issue vulnerability exists in GitLab...

9.8CVSS7AI score0.00181EPSS

Exploits0References1

OSV•added 2019/04/17 5:29 p.m.•1 views

UBUNTU-CVE-2019-9170

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control...

5.3CVSS6.4AI score0.00159EPSS

Exploits1References3

UbuntuCve•added 2019/04/17 5:29 p.m.•21 views

CVE-2019-9172

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure issue 2 of 5...

5.9CVSS6.6AI score0.00178EPSS

Exploits1References2

Prion•added 2019/04/17 5:29 p.m.•14 views

Design/Logic Flaw

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Insecure Permissions...

5.5CVSS7.8AI score0.0024EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by