3485 matches found

Debian CVE
added 2021/09/06 11:32 a.m. · 31 views

CVE-2021-25735

A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the No...

CVSS 6.5 · AI score 5.9 · EPSS 0.05226
Exploits: 1

AlpineLinux
added 2021/09/06 11:32 a.m. · 34 views

CVE-2021-25735

A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the No...

CVSS 6.5 · AI score 6.7 · EPSS 0.05226
Exploits: 1

GitLab Advisory Database
added 2021/09/06 12:0 a.m. · 28 views

Incorrect Authorization

A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Validating Admission Webhook does not observe some previous fields...

CVSS 6.5 · AI score 3.9 · EPSS 0.05226
Exploits: 1 · References: 1 · Affected Software: 1

Github Security Blog
added 2021/09/01 6:40 p.m. · 29 views

Stored XSS vulnerability on Bounce Management Callback

Impact: Insufficient sanitization / filtering allows for arbitrary JavaScript Injection in Mautic using the bounce management callback function. The values submitted in the "error" and "errorrelatedto" parameters of the POST request of the bounce management callback will be permanently stored and...

CVSS 8.2 · AI score 0.4 · EPSS 0.00677
Exploits: 0 · References: 5 · Affected Software: 1

Positive Technologies
added 2021/09/01 12:0 a.m. · 5 views

PT-2021-6571

Name of the Vulnerable Software and Affected Versions: Kubernetes affected versions not specified. Description: A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect...

CVSS 4.1 · AI score 6 · EPSS 0.01953
Exploits: 0 · References: 22

NVD
added 2021/08/20 6:15 p.m. · 11 views

CVE-2021-22246

A vulnerability was discovered in GitLab versions before 14.0.2, 13.12.6, 13.11.6. GitLab Webhook feature could be abused to perform denial of service attacks...

CVSS 7.7 · EPSS 0.01335
Exploits: 0 · References: 3

OSV
added 2021/08/20 6:15 p.m. · 21 views

CVE-2021-22246

A vulnerability was discovered in GitLab versions before 14.0.2, 13.12.6, 13.11.6. GitLab Webhook feature could be abused to perform denial of service attacks...

CVSS 6.5 · AI score 6.3 · EPSS 0.01335
Exploits: 0 · References: 3

UbuntuCve
added 2021/08/20 6:15 p.m. · 28 views

CVE-2021-22246

A vulnerability was discovered in GitLab versions before 14.0.2, 13.12.6, 13.11.6. GitLab Webhook feature could be abused to perform denial of service attacks...

CVSS 7.7 · AI score 6.8 · EPSS 0.01335
Exploits: 0 · References: 4

Prion
added 2021/08/20 6:15 p.m. · 14 views

Design/Logic Flaw

A vulnerability was discovered in GitLab versions before 14.0.2, 13.12.6, 13.11.6. GitLab Webhook feature could be abused to perform denial of service attacks...

CVSS 4 · AI score 6.1 · EPSS 0.01335
Exploits: 0 · References: 3 · Affected Software: 1

OSV
added 2021/08/20 6:15 p.m. · 0 views

UBUNTU-CVE-2021-22246

A vulnerability was discovered in GitLab versions before 14.0.2, 13.12.6, 13.11.6. GitLab Webhook feature could be abused to perform denial of service attacks...

CVSS 7.7 · AI score 6.8 · EPSS 0.01335
Exploits: 0 · References: 5

CVE
added 2021/08/20 5:38 p.m. · 59 views

CVE-2021-22246

CVE-2021-22246 affects GitLab versions before 14.0.2, 13.12.6, and 13.11.6. The issue arises from the GitLab Webhook feature and can be abused to cause denial of service attacks, impacting availability (as indicated in CVSS metrics). The provided documents do not specify the exact root cause deta...

CVSS 7.7 · AI score 6 · EPSS 0.01335
Exploits: 0 · References: 3 · Affected Software: 1

Cvelist
added 2021/08/20 5:38 p.m. · 19 views

CVE-2021-22246

A vulnerability was discovered in GitLab versions before 14.0.2, 13.12.6, 13.11.6. GitLab Webhook feature could be abused to perform denial of service attacks...

CVSS 7.7 · AI score 7.3 · EPSS 0.01335
Exploits: 0 · References: 3

Debian CVE
added 2021/08/20 5:38 p.m. · 16 views

CVE-2021-22246

Removed by vendor...

CVSS 7.7 · AI score 6.9 · EPSS 0.01335
Exploits: 0

CNNVD
added 2021/08/20 12:0 a.m. · 3 views

GitLab Security Vulnerability

GitLab is a self-hosted, Git version control system project repository application developed in Ruby on Rails by GitLab, Inc. The application can be used to access a project's file content, commit history, bug list, etc. A security vulnerability exists in GitLab versions prior to 14.0.2, 13.12.6,...

CVSS 7.7 · AI score 5.6 · EPSS 0.01335
Exploits: 0 · References: 3

Positive Technologies
added 2021/08/20 12:0 a.m. · 3 views

PT-2021-6486 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 14.0.2; GitLab versions prior to 13.12.6; GitLab versions prior to 13.11.6. Description: The issue is related to the GitLab Webhook feature, which can be exploited to cause a denial of service. This is due to the potenti...

CVSS 7.7 · AI score 6.4 · EPSS 0.01335
Exploits: 0 · References: 12

Kitploit
added 2021/07/02 12:30 p.m. · 108 views

Lazyrecon - Tool To Automate Your Reconnaissance Process In An Organized Fashion

Lazyrecon is a subdomain discovery tool that finds and resolves valid subdomains then performs SSRF/LFI/SQLi fuzzing, brute-force and port scanning. It has a simple modular architecture and is optimized for speed while working with github and wayback machine. Features: Super fast asynchronous...

AI score 7
Exploits: 0 · References: 15

Github Security Blog
added 2021/06/23 5:20 p.m. · 57 views

Improper input validation in CNCF Cortex

The Alertmanager in CNCF Cortex before 1.8.1 has a local file disclosure vulnerability when -experimental.alertmanager.enable-api is used. The HTTP basic auth passwordfile can be used as an attack vector to send any file content via a webhook. The alertmanager templates can be used as an attack...

CVSS 5.5 · AI score 0.9 · EPSS 0.0037
Exploits: 0 · References: 6 · Affected Software: 1

OSV
added 2021/06/18 10:15 a.m. · 3 views

CVE-2021-21669

Jenkins Generic Webhook Trigger Plugin 1.72 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...

CVSS 9.8 · AI score 7.3
Exploits: 0 · References: 2

NVD
added 2021/06/18 10:15 a.m. · 13 views

CVE-2021-21669

Jenkins Generic Webhook Trigger Plugin 1.72 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...

CVSS 9.8 · EPSS 0.25746
Exploits: 0 · References: 2

Prion
added 2021/06/18 10:15 a.m. · 21 views

Xxe

Jenkins Generic Webhook Trigger Plugin 1.72 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...

CVSS 7.5 · AI score 9.4 · EPSS 0.25746
Exploits: 0 · References: 2 · Affected Software: 1