Lucene search

8 matches found

EUVD
added 2026/06/11 12:32 a.m. | 10 views

EUVD-2026-36167

Improper Control of Generation of Code 'Code Injection' vulnerability in Apache OFBiz allows a low-privileged authenticated user with Content/DataResource editing privileges to perform template injection attacks that could lead to Remote Code Execution. This issue affects Apache OFBiz: before...

AI score 5.5 | EPSS 0.00657
Exploits 0 | References 3
Cvelist
added 2026/06/10 10:23 p.m. | 28 views

CVE-2026-50223 Apache OFBiz: DataResource Low-Privileged Authenticated FreeMarker Template Injection Leads to Remote Code Execution

Improper Control of Generation of Code 'Code Injection' vulnerability in Apache OFBiz allows a low-privileged authenticated user with Content/DataResource editing privileges to perform template injection attacks that could lead to Remote Code Execution. This issue affects Apache OFBiz: before...

EPSS 0.00657
Exploits 0 | References 1
CVE
added 2026/06/10 10:23 p.m. | 18 views

CVE-2026-50223

CVE-2026-50223 affects Apache OFBiz prior to 24.09.07. It is caused by improper control of code generation (template injection) via DataResource editing by a low-privileged authenticated user, enabling possible Remote Code Execution. A fix is available in version 24.09.07; upgrading is recommende...

CVSS 8.8 | AI score 5.5 | EPSS 0.00657
Exploits 0 | References 2 | Affected Software 1
EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2024-1062

Malicious code in bioql PyPI...

CVSS 6.3 | AI score 5.4 | EPSS 0.00445
Exploits 0 | References 6
RedhatCVE
added 2024/04/15 9:52 p.m. | 20 views

CVE-2024-31990

A flaw was found in Argo CD. The API server does not enforce project sourceNamespaces, which can allow an attacker to use the UI to edit resources which should only be mutable via gitops...

CVSS 4.8 | AI score 5 | EPSS 0.00445
Exploits 0 | References 3
NVD
added 2024/04/15 8:15 p.m. | 34 views

CVE-2024-31990

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The API server does not enforce project sourceNamespaces which allows attackers to use the UI to edit resources which should only be mutable via gitops. This vulnerability is fixed in 2.10.7, 2.9.12, and 2.8.16...

CVSS 6.3 | AI score 4.9 | EPSS 0.00445
Exploits 0 | References 4
CNNVD
added 2024/04/15 12:0 a.m. | 2 views

Argo CD Security Vulnerability

Argo CD is a software application. A declarative GitOps continuous delivery tool for Kubernetes. It continuously monitors running applications and compares the current live state with the desired target state e.g. configuration in the Git repository, automatically synchronizing and deploying...

CVSS 6.3 | AI score 5.4 | EPSS 0.00445
Exploits 0 | References 6
OpenVAS
added 2009/04/15 12:0 a.m. | 13 views

Debian: Security Advisory (DSA-1754-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.5 | AI score 6.5 | EPSS 0.02322
Exploits 0 | References 3