2625 matches found

OSSF Malicious Packages
added 2022/06/20 8:21 p.m. · 2 views

Malicious code in superapp-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d8661287acb0d1449413e363c682ab1d8cc1815d42b6c36e957f78dfeb8d4e54 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits 0 · References 1
OSSF Malicious Packages
added 2022/06/20 7:27 a.m. · 3 views

Malicious code in sdk-release (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8de66f690acbb62cee826234fc58f16d56e1adcedc66f23059dcef93e5b1f158 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits 0 · References 1
BDU FSTEC
added 2022/06/15 12:0 a.m. · 3 views

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a hacker to trigger a service failure.

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK set is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to trigger a service failure using the HTTP protocol...

7.8 CVSS · 7.5 AI score · 0.01399 EPSS
Exploits 0 · References 3 · Affected Software 1
Positive Technologies
added 2022/06/14 12:0 a.m. · 3 views

PT-2022-2970 · Intel +9 · Sgx Psw +12

Name of the Vulnerable Software and Affected Versions: Intel(R) Processors (affected versions not specified) Description: The issue is related to incomplete cleanup in specific special register write operations, which may allow an authenticated user to potentially enable information disclosure via...

9.8 CVSS · 7.6 AI score · 0.38631 EPSS
Exploits 104 · References 1368
RedHat Linux
added 2022/06/08 12:27 p.m. · 0 views

OpenJDK: URI parsing inconsistencies (JNDI, 8278972)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...

5.3 CVSS · 7.4 AI score · 0.00109 EPSS
Exploits 0 · References 4
OpenVAS
added 2022/06/01 12:0 a.m. · 16 views

SUSE: Security Advisory (SUSE-SU-2022:1891-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

9.8 CVSS · 9.8 AI score · 0.27155 EPSS
Exploits 1 · References 4
OpenVAS
added 2022/05/30 12:0 a.m. · 15 views

SUSE: Security Advisory (SUSE-SU-2022:1869-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

8.8 CVSS · 7.9 AI score · 0.02263 EPSS
Exploits 0 · References 4
RedHat Linux
added 2022/05/27 7:3 p.m. · 2 views

dpdk: sending vhost-user-inflight type messages could lead to DoS

A flaw was found in dpdk, which allows a malicious primary vhost-user to attach an unexpected number of fds as ancillary data to VHOST_USER_GET_INFLIGHT_FD / VHOST_USER_SET_INFLIGHT_FD messages that are not closed by the secondary vhost-user. By sending such messages continuously, the primary vhost-user...

6.5 CVSS · 5.7 AI score · 0.00194 EPSS
Exploits 0 · References 4
RedHat Linux
added 2022/05/27 7:3 p.m. · 3 views

DPDK: out-of-bounds read/write in vhost_user_set_inflight_fd() may lead to crash

A flaw was found in the vhost library in DPDK. Function vhost_user_set_inflight_fd() does not validate msg->payload.inflight.num_queues, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result of this vulnerability...

7.5 CVSS · 7.1 AI score · 0.00592 EPSS
Exploits 0 · References 4
OpenVAS
added 2022/05/26 12:0 a.m. · 19 views

SUSE: Security Advisory (SUSE-SU-2022:1836-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

9.1 CVSS · 7.6 AI score · 0.00584 EPSS
Exploits 0 · References 4
OpenVAS
added 2022/05/25 12:0 a.m. · 27 views

SUSE: Security Advisory (SUSE-SU-2022:1833-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

7.5 CVSS · 8.2 AI score · 0.21755 EPSS
Exploits 5 · References 5
OpenVAS
added 2022/05/23 12:0 a.m. · 6 views

SUSE: Security Advisory (SUSE-SU-2022:1764-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

7.5 AI score
Exploits 0 · References 2
OpenVAS
added 2022/05/23 12:0 a.m. · 10 views

SUSE: Security Advisory (SUSE-SU-2022:1771-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

9.8 CVSS · 9.4 AI score · 0.13614 EPSS
Exploits 1 · References 5
OpenVAS
added 2022/05/20 12:0 a.m. · 16 views

SUSE: Security Advisory (SUSE-SU-2022:1758-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

5.3 CVSS · 7.1 AI score · 0.00728 EPSS
Exploits 1 · References 4
OpenVAS
added 2022/05/18 12:0 a.m. · 8 views

SUSE: Security Advisory (SUSE-SU-2022:1714-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

7.5 AI score
Exploits 0 · References 2
RedHat Linux
added 2022/05/17 11:42 p.m. · 87 views

Important: Red Hat Security Advisory: java-17-openjdk security update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabilit...

7.5 CVSS · 6.6 AI score · 0.34335 EPSS
Exploits 6 · References 7
OpenVAS
added 2022/05/17 12:0 a.m. · 14 views

SUSE: Security Advisory (SUSE-SU-2022:1695-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

7.8 CVSS · 7 AI score · 0.00665 EPSS
Exploits 0 · References 4
OpenVAS
added 2022/05/14 12:0 a.m. · 23 views

CentOS: Security Advisory for java (CESA-2022:1487)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5 CVSS · 6.4 AI score · 0.00167 EPSS
Exploits 0 · References 2
OSV
added 2022/05/13 1:36 a.m. · 0 views

GHSA-WF9G-RH76-6JVR Incorrect Permission Assignment for Critical Resource in Jenkins

In Jenkins before versions 2.44, 2.32.2 low privilege users were able to override JDK download credentials (SECURITY-392), resulting in future builds possibly failing to download a JDK...

5.4 CVSS · 7.2 AI score · 0.00119 EPSS
Exploits 0 · References 5
OSV
added 2022/05/12 8:15 p.m. · 1 views

CVE-2020-22985

Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the key parameter to the getESRIExtraConfig task...

6.1 CVSS · 6.1 AI score · 0.01873 EPSS
Exploits 0 · References 4