311 matches found
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: helm-fips, chisel-fips, tofu-controller-fips, extism, cilium-certgen-fips, aws-ebs-csi-driver-fips, docker-machine-driver-linode, kbld, knative-eventing-fips, ko-fips, prometheus-redis-exporter, aws-efs-csi-driver, grafana-pyroscope,...
GHSA-GM2X-2G9H-CCM8 vulnerabilities
Vulnerabilities for packages: grype-db, kubescape-server-fips, teleport, trivy-fips, steampipe, gomplate, grafana, nemo, kubescape-server, osv-scanner, gitaly-fips, argo-workflows, external-secrets-operator, syft-fips, gitlab-rails-ce, cerbos-fips, argocd-image-updater-fips, syft, chainctl,...
CVE-2026-33762 vulnerabilities
Vulnerabilities for packages: grype-db, kubescape-server-fips, teleport, trivy-fips, steampipe, gomplate, grafana, nemo, kubescape-server, osv-scanner, gitaly-fips, argo-workflows, external-secrets-operator, syft-fips, gitlab-rails-ce, cerbos-fips, argocd-image-updater-fips, syft, chainctl,...
CVE-2026-34165 vulnerabilities
Vulnerabilities for packages: grype-db, kubescape-server-fips, teleport, trivy-fips, steampipe, gomplate, grafana, nemo, kubescape-server, osv-scanner, gitaly-fips, argo-workflows, external-secrets-operator, syft-fips, gitlab-rails-ce, cerbos-fips, argocd-image-updater-fips, syft, chainctl,...
CVE-2021-41834
JFrog Artifactory prior to version 7.28.0 and 6.23.38, is vulnerable to Broken Access Control, the copy functionality can be used by a low-privileged user to read and copy any artifact that exists in the Artifactory deployment due to improper permissions validation...
CVE-2022-0668
JFrog Artifactory prior to 7.37.13 is vulnerable to Authentication Bypass, which can lead to Privilege Escalation when a specially crafted request is sent by an unauthenticated user...
CVE-2022-0573
JFrog Artifactory before 7.36.1 and 6.23.41, is vulnerable to Insecure Deserialization of untrusted data which can lead to DoS, Privilege Escalation and Remote Code Execution when a specially crafted request is sent by a low privileged authenticated user due to insufficient validation of a...
CVE-2025-14830
CVE-2025-14830 affects JFrog Artifactory (Workers) versions 7.94.0 through 7.117.9 (and 7.117.10 as the fixed point referenced) due to improper neutralization of input during web page generation, resulting in Cross-Site Scripting (XSS). Root cause: inadequate input handling in the web page genera...
JFrog Artifactory Workers 跨站脚本漏洞
JFrog Artifactory Workers is an extension service from JFrog USA. A cross-site scripting vulnerability exists in JFrog Artifactory Workers versions 7.94.0 through prior to 7.117.10, which stems from improper input neutralization during web page generation and could lead to cross-site scripting...
PT-2026-1151
Name of the Vulnerable Software and Affected Versions JFrog Artifactory Workers versions 7.94.0 through 7.117.9 Description An issue exists in JFrog Artifactory Workers that allows for Cross-Site Scripting XSS. This is due to improper neutralization of input during web page generation. The issue...
EUVD-2025-36828
Malicious code in jfrog-npm-actions-example npm...
Malicious code in jfrog-npm-actions-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a600f48287c23fcb6db85ed0ed084de6ce12d7d3fab99e327ec306c6a84ea7f0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview jfrog-npm-actions-example is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
MAL-2025-49014 Malicious code in jfrog-npm-actions-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a600f48287c23fcb6db85ed0ed084de6ce12d7d3fab99e327ec306c6a84ea7f0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2021-27097
Malware in sbrugna...
EUVD-2016-7423
Malware in sbrugna...
EUVD-2021-10274
Malware in sbrugna...
EUVD-2019-9525
Malware in sbrugna...
EUVD-2018-1879
Malware in sbrugna...
EUVD-2018-11638
Malware in sbrugna...