Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2024-0895

Malicious code in bioql PyPI...

8.2CVSS8.2AI score0.00052EPSS
Exploits0References6
RedhatCVE
RedhatCVEadded 2025/05/22 10:10 p.m.4 views

CVE-2022-24280

Improper Input Validation vulnerability in Proxy component of Apache Pulsar allows an attacker to make TCP/IP connection attempts that originate from the Pulsar Proxy's IP address. When the Apache Pulsar Proxy component is used, it is possible to attempt to open TCP/IP connections to any IP addre...

6.5CVSS6.9AI score0.00224EPSS
Exploits0References1
Veracode
Veracodeadded 2024/03/13 10:33 a.m.23 views

Improper Authentication

Apache Pulsar Proxy is vulnerable to Improper Authentication. The vulnerability is caused due to missing authorization checks in the /proxy-stats endpoint. This can lead to unauthorized access this sensitive endpoints, allowing attackers to view detailed connection statistics and potentially...

8.2CVSS6.6AI score0.00052EPSS
Exploits0References7Affected Software1
Prion
Prionadded 2024/03/12 7:15 p.m.29 views

Authentication flaw

Improper Authentication vulnerability in Apache Pulsar Proxy allows an attacker to connect to the /proxy-stats endpoint without authentication. The vulnerable endpoint exposes detailed statistics about live connections, along with the capability to modify the logging level of proxied connections...

6.4CVSS7.1AI score0.00052EPSS
Exploits0References2
NVD
NVDadded 2022/09/23 10:15 a.m.10 views

CVE-2022-24280

Improper Input Validation vulnerability in Proxy component of Apache Pulsar allows an attacker to make TCP/IP connection attempts that originate from the Pulsar Proxy's IP address. When the Apache Pulsar Proxy component is used, it is possible to attempt to open TCP/IP connections to any IP addre...

6.5CVSS0.00224EPSS
Exploits0References1
OSV
OSVadded 2022/09/23 10:15 a.m.22 views

CVE-2022-24280

Improper Input Validation vulnerability in Proxy component of Apache Pulsar allows an attacker to make TCP/IP connection attempts that originate from the Pulsar Proxy's IP address. When the Apache Pulsar Proxy component is used, it is possible to attempt to open TCP/IP connections to any IP addre...

6.5CVSS6.5AI score
Exploits0References1
Vulnrichment
Vulnrichmentadded 2022/09/23 9:25 a.m.7 views

CVE-2022-24280 Apache Pulsar Proxy target broker address isn't validated

Improper Input Validation vulnerability in Proxy component of Apache Pulsar allows an attacker to make TCP/IP connection attempts that originate from the Pulsar Proxy's IP address. When the Apache Pulsar Proxy component is used, it is possible to attempt to open TCP/IP connections to any IP addre...

6.5AI score0.00224EPSS
Exploits0References1
CVE
CVEadded 2022/09/23 9:25 a.m.83 views

CVE-2022-24280

Summary of CVE-2022-24280 : The Proxy component of Apache Pulsar has an input-validation weakness that enables DoS-like TCP/IP connection attempts to originate from the Pulsar Proxy’s IP. Affected versions include 2.7.0–2.7.4; 2.8.0–2.8.2; 2.9.0–2.9.1; and 2.6.4 and earlier. The attacker must hav...

6.5CVSS6.4AI score0.00224EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder