Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

168 matches found

BDU FSTEC
BDU FSTECadded 2022/02/16 12:0 a.m.1 views

The vulnerability of the Apache ShenYu software lies in its incorrect code generation management, allowing attackers to execute arbitrary code.

The vulnerability of the Apache ShenYu software is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using Groovy Code injection or SpEL injection...

10CVSS8.2AI score0.06029EPSS
Exploits0References5Affected Software1
OSV
OSVadded 2022/01/28 10:13 p.m.1 views

GHSA-GH38-X2WM-XMC8 Code injection in ShenYu

Groovy Code Injection & SpEL Injection which lead to Remote Code Execution. This issue affected Apache ShenYu 2.4.0 and 2.4.1...

9.8CVSS7.3AI score0.06029EPSS
Exploits0References5
CNNVD
CNNVDadded 2022/01/25 12:0 a.m.4 views

Apache ShenYu 代码注入漏洞

Apache ShenYu is an asynchronous , high-performance , cross-language , responsive API gateway of the United States Apache Apache Foundation . Apache ShenYu has a code injection vulnerability in versions 2.4.0 and 2.4.1 that stems from an improperly designed or implemented code development process...

9.8CVSS6.6AI score0.06029EPSS
Exploits0References5
CNNVD
CNNVDadded 2021/11/19 12:0 a.m.21 views

VMware Spring Cloud Netflix 代码注入漏洞

Vmware VMware Spring Cloud Netflix is a service from Vmware, Inc. It provides Netflix OSS integration for Spring Boot applications by automatically configuring and binding to the Spring Environment and other Spring programming model idioms. A security vulnerability exists in VMware Spring Cloud...

8.8CVSS7.8AI score0.12694EPSS
Exploits0References2
OSV
OSVadded 2020/12/11 3:15 a.m.2 views

CVE-2020-9301

Nolan Ray from Apple Information Security identified a security vulnerability in Spinnaker, all versions prior to version 1.23.4, 1.22.4 or 1.21.5. The vulnerability exists within the handling of SpEL expressions that allows an attacker to read and write arbitrary files within the orca container...

8.8CVSS5.9AI score0.01504EPSS
Exploits0References1
CNNVD
CNNVDadded 2020/12/10 12:0 a.m.5 views

Netflix Spinnaker Code Issue Vulnerability

Netflix Spinnaker is a continuous delivery platform from the American company Netflix. The platform serves as a cloud platform deployment tool that supports Google, Microsoft, Pivotal, and other cloud platforms, providing out-of-the-box cluster management and deployment capabilities. Netflix...

8.8CVSS7.5AI score0.01504EPSS
Exploits0References2
CNVD
CNVDadded 2018/04/12 12:0 a.m.4 views

Spring Data Commons Remote Code Execution Vulnerability

Spring Data is a project module in the Spring Framework that provides access to the underlying data , Spring Data Commons is a shared base module . A remote code execution vulnerability exists in Spring Data Commons. The vulnerability is due to the Spring Data Commons module using SpEl expression...

9.8CVSS8.5AI score0.95649EPSS
Exploits9References1
CNVD
CNVDadded 2016/07/14 12:0 a.m.2 views

Spring Boot Framework SPEL Expression Injection Vulnerability

Spring is a lightweight Java development framework . Spring Boot is a core subproject of Spring , which is designed to simplify the initial setup of new Spring applications and the development process . Spring Boot Framework SPEL Expression Injection Vulnerability. As the user adopts Spring Boot ...

8.4AI score
Exploits0References1
Rows per page
Query Builder