489 matches found

CNNVD
added 2025/09/25 12:0 a.m. | 4 views

Swagger Petstore Sample security vulnerability

Swagger Petstore Sample is a sample pet store application from the open-source Swagger project. A security vulnerability exists in Swagger Petstore Sample version 1.0.7 because the DELETE endpoint does not properly validate input, which could lead to remote code execution...

6.5 CVSS | 7.7 AI score | 0.00402 EPSS
Exploits: 0 | References: 4

CNNVD
added 2025/09/25 12:0 a.m. | 2 views

Swagger Petstore Sample security vulnerability

Swagger Petstore Sample is a sample pet store application from the open-source Swagger project. A security vulnerability exists in Swagger Petstore Sample version 1.0.7 because the /api/v3/pet interface does not validate specially crafted scripts, which could lead to a cross-site scripting attack...

6.1 CVSS | 6 AI score | 0.0035 EPSS
Exploits: 0 | References: 4

CNNVD
added 2025/09/25 12:0 a.m. | 2 views

Swagger Petstore Sample security vulnerability

Swagger Petstore Sample is a sample pet store application from the open-source Swagger project. A security vulnerability exists in Swagger Petstore Sample version 1.0.7 because the server returns a 404 error page that exposes sensitive information when a non-existent endpoint or shopping cart is accessed...

6.5 CVSS | 7.7 AI score | 0.00495 EPSS
Exploits: 1 | References: 4

Wolfi
added 2025/09/24 8:47 p.m. | 9 views

GHSA-8PJC-487G-W6P2 vulnerabilities

Vulnerabilities for packages: lazydocker, dgraph, nri-consul, rclone, docker-cli-buildx, kapp-controller, render-template, flux, nri-redis, step-kms-plugin, nodetaint, nuclei, tigera-operator, kube-logging-operator, nginx-prometheus-exporter, nri-haproxy, kuberlr, harbor-registry, wgcf,...

5.9 AI score
Exploits: 0

Chainguard
added 2025/09/24 2:18 p.m. | 8 views

GHSA-8PJC-487G-W6P2 vulnerabilities

Vulnerabilities for packages: kuma, mockgen, teleport, rancher-agent, bom, k3d, neuvector, knative-serving, spark-operator, kor, azuredisk-csi, harbor-registry, oauth2-proxy, kubernetes-dashboard-web, gcp-compute-persistent-disk-csi-driver, wire-go, terraform-provider-azapi, prometheus-operator,...

5.9 AI score
Exploits: 0

GithubExploit
added 2025/09/20 8:17 p.m. | 197 views

Exploit for Improper Input Validation in Smartbear Swagger_Ui

swagger-ui POC for Testing HTML Injection in Swagger UI CVE-...

4.3 CVSS | 7.2 AI score | 0.42326 EPSS
Exploits: 4

OSSF Malicious Packages
added 2025/09/15 11:50 p.m. | 3 views

Malicious code in koa2-swagger-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 31fd12270f2d2a5b53bfaf3aabcbae8d26a7eec21613c28e4673369a33025ba5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits: 0 | References: 6

OSV
added 2025/09/15 11:50 p.m. | 1 view

MAL-2025-47187 Malicious code in koa2-swagger-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 31fd12270f2d2a5b53bfaf3aabcbae8d26a7eec21613c28e4673369a33025ba5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits: 0 | References: 6

Snyk
added 2025/09/15 7:39 a.m. | 1 view

Embedded Malicious Code

Overview koa2-swagger-ui is a swagger ui for a koa v2 app Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It...

9.8 CVSS | 7 AI score
Exploits: 0 | References: 2

vulnersOsv
added 2025/09/15 7:39 a.m. | 7 views

@citrineos/ocpi-base (>=2.0.0 <=2.0.1), @citrineos/ocpi-cdrs (>=2.0.0 <=2.0.1) +16 more potentially affected by unknown CVE via koa2-swagger-ui (>=5.0.5 <=5.11.0)

koa2-swagger-ui NPM version =5.0.5, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =0.5.0, =0.1.1, =0.1.0, =0.5.0 - @trey.turner/artifacts-mocks-counterfact =0.0.1 and more Source cves: unknown CVE Source advisory: SNYK:JS-KOA2SWAGGERUI-12704865...

5.8 AI score
Exploits: 0

Tenable Nessus
added 2025/08/18 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-39910

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 14.3.6, all versions starting from 14.4 before 14.4.4, all version...

4.3 CVSS | 5 AI score | 0.00955 EPSS
Exploits: 0 | References: 2

OSSF Malicious Packages
added 2025/08/14 6:52 p.m. | 2 views

Malicious code in swagger-to-server (npm)

The package swagger-to-server was found to contain malicious code...

7 AI score
Exploits: 0

vulnersOsv
added 2025/08/14 6:52 p.m. | 7 views

swagger-koa88 (>=1.0.2 <=1.0.5-0), windows10-electron-vibrancy (>=1.0.0 <=1.0.1) +1 more potentially affected by unknown CVE via coffe-script (=0.0.1-security)

coffe-script NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on coffe-script and may be impacted: - swagger-koa88 =1.0.2, =1.0.0, =1.0.5, =1.1.3 Source cves: unknown CVE Source advisory: OSV:MAL-2025-17263...

5.8 AI score
Exploits: 0

OSV
added 2025/08/14 6:52 p.m. | 1 view

MAL-2025-9594 Malicious code in @vikas_upadhyay0/swagger-lint (npm)

The package @vikas_upadhyay0/swagger-lint was found to contain malicious code...

7.2 AI score
Exploits: 0

OSV
added 2025/08/14 6:52 p.m. | 2 views

MAL-2025-34265 Malicious code in swagger-to-server (npm)

The package swagger-to-server was found to contain malicious code...

7.2 AI score
Exploits: 0

vulnersOsv
added 2025/08/13 9:52 a.m. | 19 views

app.cash.backfila:client-misk (>=0.1.0 <=2023.11.24.141218-0357917), app.cash.backfila:client-misk-dynamodb (>=0.1.3-20210127.1838-76ab4fc <=0.1.4-20210806.0204-5341f38) +1456 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcprov-ext-jdk15on (>=1.49 <=1.70)

org.bouncycastle:bcprov-ext-jdk15on MAVEN version =1.49, =0.1.0, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210805.0116-93702c4, =0.1.3-20210805.0116-93702c4, =0.1.0, =2023.06.07.114626-93b9d6f, =0.1.0, =0.1.4-20220614.0152-5ae0eef, =3.0.1, =2.10.0-11-1, =1.1.5, =1.0.2,...

6.3 CVSS | 6.7 AI score | 0.0043 EPSS
Exploits: 0

Chainguard
added 2025/08/09 1:17 p.m. | 9 views

GHSA-J5PM-7495-QMR3 vulnerabilities

Vulnerabilities for packages: kuma, fluent-bit-plugin-loki, grafana-fips, teleport, nri-kafka, aws-iam-authenticator-fips, verticadb-operator-fips, kube-conformance, hugo-extended, verticadb-operator, kyverno-policy-reporter, coredns, knative-serving, trillian-fips, azuredisk-csi, influx,...

5.9 AI score
Exploits: 0

RedhatCVE
added 2025/08/06 10:13 p.m. | 4 views

CVE-2025-8527

A vulnerability was found in Exrick xboot up to 3.3.4. It has been rated as critical. This issue affects some unknown processing of the file xboot-fast/src/main/java/cn/exrick/xboot/modules/base/controller/common/SecurityController.java of the component Swagger. The manipulation of the argument...

8.8 CVSS | 6.4 AI score | 0.00295 EPSS
Exploits: 1 | References: 1

NVD
added 2025/08/04 10:15 p.m. | 5 views

CVE-2025-8527

A vulnerability was found in Exrick xboot up to 3.3.4. It has been rated as critical. This issue affects some unknown processing of the file xboot-fast/src/main/java/cn/exrick/xboot/modules/base/controller/common/SecurityController.java of the component Swagger. The manipulation of the argument...

8.8 CVSS | 0.00295 EPSS
Exploits: 1 | References: 5

OSV
added 2025/08/04 10:15 p.m. | 3 views

CVE-2025-8527

A vulnerability was found in Exrick xboot up to 3.3.4. It has been rated as critical. This issue affects some unknown processing of the file xboot-fast/src/main/java/cn/exrick/xboot/modules/base/controller/common/SecurityController.java of the component Swagger. The manipulation of the argument...

8.8 CVSS | 7.2 AI score
Exploits: 0 | References: 5