Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Wolfi
Wolfiadded 2026/01/14 7:48 p.m.6 views

CVE-2022-45685 vulnerabilities

Vulnerabilities for packages: druid...

7.5CVSS7AI score0.00263EPSS
Exploits1
Cvelist
Cvelistadded 2025/08/04 11:2 p.m.7 views

CVE-2025-8530 elunez eladmin Druid application-prod.yml default credentials

A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file eladmin-system\src\main\resources\config\application-prod.yml of the component Druid. The manipulation of the argument...

6.9CVSS0.00236EPSS
Exploits1References5
CVE
CVEadded 2025/07/20 8:32 p.m.18 views

CVE-2025-7907

The CVE-2025-7907 entry concerns the yangzongzhuan RuoYi project (up to 4.8.1) with a Druid component issue in ruoyi-admin/src/main/resources/application-druid.yml. The vulnerability arises from manipulation that enables use of default credentials, and it is exploitable remotely. Public exploit i...

5.3CVSS7.2AI score0.00146EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTECadded 2025/06/25 12:0 a.m.2 views

The vulnerability of the Apache Druid analytical database lies in the redirection of URLs to an unreliable website. This allows attackers to redirect users to arbitrary URL addresses, execute XSS attacks, or perform SSRF attacks.

The vulnerability of the Apache Druid analytical database is related to the redirection of URLs to an unreliable website. Exploiting this vulnerability allows a malicious actor to redirect users to arbitrary URL addresses, perform XSS attacks, or carry out SSRF attacks...

7.5CVSS8AI score0.02273EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2025/03/20 12:32 p.m.9 views

GHSA-2XCR-P767-F3RV Apache Druid vulnerable to Server-Side Request Forgery, Cross-site Scripting, Open Redirect

Severity: medium 5.8 / important Server-Side Request Forgery SSRF, Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting', URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Apache Druid. This issue affects all previous Druid versions. When using the...

5.8CVSS6.2AI score0.02273EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2025/03/19 12:0 a.m.4 views

PT-2025-12331

Apache Druid and Affected Versions Apache Druid versions prior to 31.0.2 and prior to 32.0.1 Description Apache Druid is susceptible to Server-Side Request Forgery SSRF, Cross-Site Scripting XSS, and Open Redirect issues. When the Druid management proxy is used, a specially crafted URL in a reque...

7.5CVSS5.7AI score0.02273EPSS
Exploits0References26
CNNVD
CNNVDadded 2024/09/17 12:0 a.m.2 views

Apache Druid 输入验证错误漏洞

Apache Druid is an American Apache Apache Foundation open source, column-oriented distributed database written in Java. An input validation error vulnerability exists in Apache Druid version 30.0.0 and earlier. An attacker could exploit this vulnerability to read data from other database systems...

6.5CVSS6.4AI score0.00323EPSS
Exploits1References2
OSV
OSVadded 2023/05/03 3:15 a.m.0 views

UBUNTU-CVE-2023-29839

A Stored Cross Site Scripting XSS vulnerability exists in multiple pages of Hotel Druid version 3.0.4, which allows arbitrary execution of commands. The vulnerable fields are Surname, Name, and Nickname in the Document function...

5.4CVSS6.3AI score0.00536EPSS
Exploits1References3
Rows per page
Query Builder