Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

18 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-29431

Malicious code in bioql PyPI...

9CVSS8.7AI score0.00399EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-29432

Malicious code in bioql PyPI...

10CVSS9.4AI score0.00805EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 1:9 a.m.4 views

CVE-2022-24551

A flaw was found in StarWind Stack. The endpoint for setting a new password doesn’t check the current username and old password. An attacker could reset any local user password including system/administrator user using any available user This affects StarWind SAN and NAS v0.2 build 1633...

9CVSS6.8AI score0.00399EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 10:29 p.m.4 views

CVE-2022-24552

A flaw was found in the REST API in StarWind Stack. REST command, which manipulates a virtual disk, doesn’t check input parameters. Some of them go directly to bash as part of a script. An attacker with non-root user access can inject arbitrary data into the command that will be executed with roo...

10CVSS6.9AI score0.00805EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2022/06/03 12:0 a.m.2 views

PT-2022-21193 · Starwind · Starwind Stack +1

Name of the Vulnerable Software and Affected Versions: StarWind SAN and NAS version 0.2 build 1914 Description: A flaw was found in the REST API of StarWind Stack, allowing remote code execution. The REST command for changing the hostname does not check the new hostname parameter, which can be...

9CVSS9AI score0.04474EPSS
Exploits0References5
OSV
OSVadded 2022/02/06 9:15 p.m.2 views

CVE-2022-24552

A flaw was found in the REST API in StarWind Stack. REST command, which manipulates a virtual disk, doesn’t check input parameters. Some of them go directly to bash as part of a script. An attacker with non-root user access can inject arbitrary data into the command that will be executed with roo...

9.8CVSS7.3AI score
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2022/02/06 9:15 p.m.2 views

CVE-2022-24552

A flaw was found in the REST API in StarWind Stack. REST command, which manipulates a virtual disk, doesn’t check input parameters. Some of them go directly to bash as part of a script. An attacker with non-root user access can inject arbitrary data into the command that will be executed with roo...

10CVSS7.3AI score0.00805EPSS
Exploits0References2
OSV
OSVadded 2022/02/06 9:15 p.m.0 views

CVE-2022-24551

A flaw was found in StarWind Stack. The endpoint for setting a new password doesn’t check the current username and old password. An attacker could reset any local user password including system/administrator user using any available user This affects StarWind SAN and NAS v0.2 build 1633...

8.8CVSS7.3AI score0.00399EPSS
Exploits0References1
NVD
NVDadded 2022/02/06 9:15 p.m.9 views

CVE-2022-24552

A flaw was found in the REST API in StarWind Stack. REST command, which manipulates a virtual disk, doesn’t check input parameters. Some of them go directly to bash as part of a script. An attacker with non-root user access can inject arbitrary data into the command that will be executed with roo...

10CVSS0.00805EPSS
Exploits0References1
NVD
NVDadded 2022/02/06 9:15 p.m.10 views

CVE-2022-24551

A flaw was found in StarWind Stack. The endpoint for setting a new password doesn’t check the current username and old password. An attacker could reset any local user password including system/administrator user using any available user This affects StarWind SAN and NAS v0.2 build 1633...

9CVSS0.00399EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2022/02/06 9:15 p.m.2 views

CVE-2022-24551

A flaw was found in StarWind Stack. The endpoint for setting a new password doesn’t check the current username and old password. An attacker could reset any local user password including system/administrator user using any available user This affects StarWind SAN and NAS v0.2 build 1633...

9CVSS7.3AI score0.00399EPSS
Exploits0References2
Prion
Prionadded 2022/02/06 9:15 p.m.10 views

Default credentials

A flaw was found in StarWind Stack. The endpoint for setting a new password doesn’t check the current username and old password. An attacker could reset any local user password including system/administrator user using any available user This affects StarWind SAN and NAS v0.2 build 1633...

9CVSS8.4AI score0.00399EPSS
Exploits0References1Affected Software2
Prion
Prionadded 2022/02/06 9:15 p.m.15 views

Cross site request forgery (csrf)

A flaw was found in the REST API in StarWind Stack. REST command, which manipulates a virtual disk, doesn’t check input parameters. Some of them go directly to bash as part of a script. An attacker with non-root user access can inject arbitrary data into the command that will be executed with roo...

10CVSS9.3AI score0.00805EPSS
Exploits0References1Affected Software2
Cvelist
Cvelistadded 2022/02/06 8:18 p.m.10 views

CVE-2022-24551

A flaw was found in StarWind Stack. The endpoint for setting a new password doesn’t check the current username and old password. An attacker could reset any local user password including system/administrator user using any available user This affects StarWind SAN and NAS v0.2 build 1633...

8.7AI score0.00399EPSS
Exploits0References1
CVE
CVEadded 2022/02/06 8:18 p.m.64 views

CVE-2022-24551

The CVE-2022-24551 issue affects StarWind SAN & NAS: the password-reset endpoint does not validate the current username and old password, allowing an attacker to reset any local user password (including administrator). Reported for StarWind SAN & NAS v0.2 builds 1633–1684. Mitigation: update to v...

9CVSS8.5AI score0.00399EPSS
Exploits0References1Affected Software2
Cvelist
Cvelistadded 2022/02/06 8:18 p.m.9 views

CVE-2022-24552

A flaw was found in the REST API in StarWind Stack. REST command, which manipulates a virtual disk, doesn’t check input parameters. Some of them go directly to bash as part of a script. An attacker with non-root user access can inject arbitrary data into the command that will be executed with roo...

9.6AI score0.00805EPSS
Exploits0References1
CVE
CVEadded 2022/02/06 8:18 p.m.63 views

CVE-2022-24552

The CVE-2022-24552 entry concerns StarWind Stack’s REST API: the REST command that manipulates a virtual disk does not validate input parameters, and certain inputs are passed to a bash script. This allows an attacker with non-root access to inject data that may be executed with root privileges, ...

10CVSS9.3AI score0.00805EPSS
Exploits0References1Affected Software2
Positive Technologies
Positive Technologiesadded 2022/02/06 12:0 a.m.2 views

PT-2022-16715 · Starwind · Starwind Stack +1

Name of the Vulnerable Software and Affected Versions: StarWind SAN and NAS version 0.2 build 1633 Description: A flaw was found in the REST API in StarWind Stack, where the REST command that manipulates a virtual disk does not check input parameters. Some of these parameters are directly execute...

10CVSS9.4AI score0.00805EPSS
Exploits0References4
Rows per page
Query Builder