Lucene search
K

43 matches found

Chainguard
Chainguard
added 2026/01/22 7:17 p.m.11 views

CVE-2026-23949 vulnerabilities

Vulnerabilities for packages: pypy-3.10, awx, py3-setuptools, azure-functions-python-worker, superset, spamcheck, tritonserver-backend-vllm-cuda-12.9, kserve, apache-beam-python-3.11-sdk, nemo, datadog-agent, datadog-agent-fips, pypy-3.11, py3.9-setuptools, ansible-operator-fips, mlflow,...

8.6CVSS7AI score0.00527EPSS
Exploits1
GithubExploit
GithubExploit
added 2026/01/14 2:24 p.m.162 views

exploit-chain-generator

Exploit Chain Generator Turn Noise into Signal: Correlate...

7.2AI score
Exploits0
Chainguard
Chainguard
added 2025/12/09 1:28 a.m.7 views

CVE-2025-66418 vulnerabilities

Vulnerabilities for packages: py3-pip, pypy-3.10, awx, graalvm, kubeflow-pipelines-visualization-server, superset, spamcheck, azure-functions-host, jupyter-base-notebook, tritonserver-backend-vllm-cuda-12.9, py3-pipenv, kserve, apache-beam-python-3.11-sdk, barman, nemo, datadog-agent,...

8.9CVSS6.7AI score0.00633EPSS
Exploits0
Chainguard
Chainguard
added 2025/12/09 1:28 a.m.5 views

CVE-2025-66471 vulnerabilities

Vulnerabilities for packages: py3-pip, pypy-3.10, awx, graalvm, kubeflow-pipelines-visualization-server, superset, spamcheck, azure-functions-host, jupyter-base-notebook, tritonserver-backend-vllm-cuda-12.9, py3-pipenv, kserve, apache-beam-python-3.11-sdk, barman, nemo, datadog-agent,...

8.9CVSS6.7AI score0.00633EPSS
Exploits0
Chainguard
Chainguard
added 2025/12/09 1:28 a.m.2 views

GHSA-GM62-XV2J-4W53 vulnerabilities

Vulnerabilities for packages: py3-pip, pypy-3.10, awx, graalvm, kubeflow-pipelines-visualization-server, superset, spamcheck, azure-functions-host, jupyter-base-notebook, tritonserver-backend-vllm-cuda-12.9, py3-pipenv, kserve, apache-beam-python-3.11-sdk, barman, nemo, datadog-agent,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2025/12/09 1:28 a.m.6 views

GHSA-2XPW-W6GG-JR37 vulnerabilities

Vulnerabilities for packages: py3-pip, pypy-3.10, awx, graalvm, kubeflow-pipelines-visualization-server, superset, spamcheck, azure-functions-host, jupyter-base-notebook, tritonserver-backend-vllm-cuda-12.9, py3-pipenv, kserve, apache-beam-python-3.11-sdk, barman, nemo, datadog-agent,...

6.1AI score
Exploits0
GithubExploit
GithubExploit
added 2025/11/24 9:42 p.m.200 views

Mutillidae-SAST-Analysis

🛡️ Static Application Security Testing SAST: OWASP Mutillida...

7.2AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-1471

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01033EPSS
Exploits0References7
Packet Storm News
Packet Storm News
added 2025/04/23 12:0 a.m.6 views

Automatically Generating Rules of Malicious Software Packages Via Large Language Model

Today's security tools predominantly rely on predefined rules crafted by experts, making them poorly adapted to the emergence of software supply chain attacks. To tackle this limitation, we propose a novel tool, RuleLLM, which leverages large language models LLMs to automate rule generation for O...

7AI score
Exploits0
OSV
OSV
added 2024/06/18 11:5 a.m.12 views

SUSE-SU-2024:1486-2 Security update for cosign

This update for cosign fixes the following issues: - CVE-2024-29902: Fixed denial of service on host machine via remote image with a malicious attachments bsc1222835 - CVE-2024-29903: Fixed denial of service on host machine via malicious software artifacts bsc1222837 Other fixes: - Updated to 2.2...

7.5CVSS5.8AI score0.00851EPSS
Exploits1References5
Kitploit
Kitploit
added 2023/09/20 11:30 a.m.25 views

Callisto - An Intelligent Binary Vulnerability Analysis Tool

Callisto is an intelligent automated binary vulnerability analysis tool. Its purpose is to autonomously decompile a provided binary and iterate through the psuedo code output looking for potential security vulnerabilities in that pseudo c code. Ghidra's headless decompiler is what drives the bina...

7.4AI score
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/06/27 1:25 a.m.4 views

SUSE CVE-2023-32758

giturlparse aka git-url-parse through 1.2.2, as used in Semgrep 1.5.2 through 1.24.1, is vulnerable to ReDoS Regular Expression Denial of Service if parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted package for example, to check whether it accesses any Git...

7.5CVSS6.9AI score0.01033EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2023/05/15 6:30 a.m.28 views

git-url-parse Regular Expression Denial of Service

giturlparse aka git-url-parse through 1.2.2, as used in Semgrep 1.5.2 through 1.24.1, is vulnerable to ReDoS Regular Expression Denial of Service if parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted package for example, to check whether it accesses any Git...

7.5CVSS7.2AI score0.01033EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2023/05/15 4:15 a.m.49 views

CVE-2023-32758

giturlparse aka git-url-parse through 1.2.2, as used in Semgrep 1.5.2 through 1.24.1, is vulnerable to ReDoS Regular Expression Denial of Service if parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted package for example, to check whether it accesses any Git...

7.5CVSS7.4AI score0.01033EPSS
Exploits0References5
Prion
Prion
added 2023/05/15 4:15 a.m.25 views

Design/Logic Flaw

giturlparse aka git-url-parse through 1.2.2, as used in Semgrep 1.5.2 through 1.24.1, is vulnerable to ReDoS Regular Expression Denial of Service if parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted package for example, to check whether it accesses any Git...

5CVSS7.4AI score0.01033EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2023/05/15 12:0 a.m.17 views

CVE-2023-32758

giturlparse aka git-url-parse through 1.2.2, as used in Semgrep 1.5.2 through 1.24.1, is vulnerable to ReDoS Regular Expression Denial of Service if parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted package for example, to check whether it accesses any Git...

7.6AI score0.01033EPSS
Exploits0References5
CVE
CVE
added 2023/05/15 12:0 a.m.63 views

CVE-2023-32758

The connected documents confirm CVE-2023-32758 affects git-url-parse (Python) up to 1.2.2, used by Semgrep versions 1.5.2–1.24.1. The issue is a Regular Expression Denial of Service (ReDoS) when parsing untrusted URLs, with potential impact if a package’s author embeds a crafted URL in a target p...

7.5CVSS7.3AI score0.01033EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2023/05/15 12:0 a.m.4 views

PT-2023-24006

Name of the Vulnerable Software and Affected Versions giturlparse versions through 1.2.2 Semgrep versions 1.5.2 through 1.24.1 Description The issue is related to ReDoS Regular Expression Denial of Service when parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted...

7.5CVSS7AI score0.01033EPSS
Exploits0References15
OSV
OSV
added 2023/05/15 12:0 a.m.10 views

CVE-2023-32758

giturlparse aka git-url-parse through 1.2.2, as used in Semgrep 1.5.2 through 1.24.1, is vulnerable to ReDoS Regular Expression Denial of Service if parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted package for example, to check whether it accesses any Git...

7.5CVSS7AI score0.01033EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2023/05/15 12:0 a.m.8 views

CVE-2023-32758

giturlparse aka git-url-parse through 1.2.2, as used in Semgrep 1.5.2 through 1.24.1, is vulnerable to ReDoS Regular Expression Denial of Service if parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted package for example, to check whether it accesses any Git...

7.4AI score0.01033EPSS
Exploits0References5
Rows per page
Query Builder