Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

166 matches found

OSV
OSVadded 2024/10/16 12:21 p.m.16 views

MAL-2024-9463 Malicious code in @daimler-rcms/api-client (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
Vulnrichment
Vulnrichmentadded 2024/08/29 9:18 p.m.15 views

CVE-2024-45302 CRLF Injection in RestSharp's `RestRequest.AddHeader` method

RestSharp is a Simple REST and HTTP API Client for .NET. The second argument to RestRequest.AddHeader the header value is vulnerable to CRLF injection. The same applies to RestRequest.AddOrUpdateHeader and RestClient.AddDefaultHeader. The way HTTP headers are added to a request is via the...

6.1CVSS7.5AI score0.00316EPSS
Exploits1References3
Cvelist
Cvelistadded 2024/08/29 9:18 p.m.38 views

CVE-2024-45302 CRLF Injection in RestSharp's `RestRequest.AddHeader` method

RestSharp is a Simple REST and HTTP API Client for .NET. The second argument to RestRequest.AddHeader the header value is vulnerable to CRLF injection. The same applies to RestRequest.AddOrUpdateHeader and RestClient.AddDefaultHeader. The way HTTP headers are added to a request is via the...

6.1CVSS0.00316EPSS
Exploits1References3
vulnersOsv
vulnersOsvadded 2024/08/07 3:15 p.m.2 views

aldryn-django (=4.2.10.0), am-report (=0.1.5) +81 more potentially affected by CVE-2024-41990 via django (>=4.2.0 <=4.2.14)

django PYPI version =4.2.0, =7.5.1, =0.0.1, =0.4.0, =5.2.0, =0.5.1, =0.12.2, =3.1.0, =7.2.2, =39.1.0, =39.1.4 and more Source cves: CVE-2024-41990 Source advisory: OSV:PYSEC-2024-68...

7.5CVSS6.7AI score0.01258EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/07/12 8:45 a.m.3 views

Malicious code in cx-api-client-lite (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 315d3186e692fd6934de0d66c25255e03eb763a15daa0785e92e58a2abbbba60 The OpenSSF Package Analysis project identified 'cx-api-client-lite' @ 200.0.1 npm as malicious. It is considered malicious because: - The packa...

7.1AI score
Exploits0
vulnersOsv
vulnersOsvadded 2024/07/10 5:15 a.m.3 views

aldryn-django (=4.2.10.0), am-report (=0.1.5) +81 more potentially affected by CVE-2024-38875 via django (>=4.2.0 <=4.2.13)

django PYPI version =4.2.0, =7.5.1, =0.0.1, =0.4.0, =5.2.0, =0.5.1, =0.12.2, =3.1.0, =7.2.2, =39.1.0, =39.1.4 and more Source cves: CVE-2024-38875 Source advisory: OSV:PYSEC-2024-56...

7.5CVSS6.6AI score0.01187EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/06/25 1:48 p.m.5 views

Malicious code in api-client_builder (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
OSV
OSVadded 2024/06/25 1:48 p.m.7 views

MAL-2024-6620 Malicious code in api-client_builder (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0References1
OSV
OSVadded 2024/06/25 1:48 p.m.4 views

MAL-2024-6618 Malicious code in apache-sling_api_client (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0References1
OSV
OSVadded 2024/06/25 1:48 p.m.6 views

MAL-2024-6616 Malicious code in apache-felix_api_client (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/06/25 1:31 p.m.2 views

Malicious code in VRCһаt.API.Client (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/06/02 1:6 p.m.3 views

Malicious code in wdio-api-client (npm)

This package is considered malicious because it communicates with a domain associated with malicious activity and the package executes one or more commands associated with malicious behavior...

7.1AI score
Exploits0
OSV
OSVadded 2024/06/02 1:6 p.m.9 views

MAL-2024-1402 Malicious code in wdio-api-client (npm)

This package is considered malicious because it communicates with a domain associated with malicious activity and the package executes one or more commands associated with malicious behavior...

7.3AI score
Exploits0
NVD
NVDadded 2024/05/27 4:15 p.m.34 views

CVE-2024-35219

OpenAPI Generator allows generation of API client libraries SDK generation, server stubs, documentation and configuration automatically given an OpenAPI Spec. Prior to version 7.6.0, attackers can exploit a path traversal vulnerability to read and delete files and folders from an arbitrary,...

8.3CVSS8.1AI score0.03592EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2024/05/27 4:11 p.m.17 views

CVE-2024-35219 OpenAPI Generator Online - Arbitrary File Read/Delete

OpenAPI Generator allows generation of API client libraries SDK generation, server stubs, documentation and configuration automatically given an OpenAPI Spec. Prior to version 7.6.0, attackers can exploit a path traversal vulnerability to read and delete files and folders from an arbitrary,...

8.3CVSS6.6AI score0.03592EPSS
Exploits0References3
OSV
OSVadded 2024/05/27 4:11 p.m.42 views

CVE-2024-35219 OpenAPI Generator Online - Arbitrary File Read/Delete

OpenAPI Generator allows generation of API client libraries SDK generation, server stubs, documentation and configuration automatically given an OpenAPI Spec. Prior to version 7.6.0, attackers can exploit a path traversal vulnerability to read and delete files and folders from an arbitrary,...

8.3CVSS7.9AI score0.03592EPSS
Exploits0References5
CVE
CVEadded 2024/05/27 4:11 p.m.148 views

CVE-2024-35219

OpenAPI Generator (OpenAPI Tools) before version 7.6.0 is vulnerable to path traversal via the outputFolder option, allowing an attacker to read and delete files in arbitrary writable directories. The known impacted range is

8.3CVSS8.1AI score0.03592EPSS
In wildExploits0References3
Positive Technologies
Positive Technologiesadded 2024/03/18 12:0 a.m.3 views

PT-2024-21307 · Fujian Kelixin · Fujian Kelixin Communication Command/Dispatch Platform

Name of the Vulnerable Software and Affected Versions: Fujian Kelixin Communication Command and Dispatch Platform versions up to 20240318 Description: A critical issue has been found in the Fujian Kelixin Communication Command and Dispatch Platform, affecting an unknown functionality of the file...

9.8CVSS7AI score0.00558EPSS
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/02/20 2:53 a.m.3 views

Malicious code in ent-profile-api-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f9c39ae8dadaf1b8ac82e8e1f7b312d04c58cb2a208ba535221cae3bac7ae787 The OpenSSF Package Analysis project identified 'ent-profile-api-client' @ 9.3.1 npm as malicious. It is considered malicious because: - The...

7.2AI score
Exploits0
OSV
OSVadded 2024/02/20 2:53 a.m.14 views

MAL-2024-1026 Malicious code in ent-profile-api-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f9c39ae8dadaf1b8ac82e8e1f7b312d04c58cb2a208ba535221cae3bac7ae787 The OpenSSF Package Analysis project identified 'ent-profile-api-client' @ 9.3.1 npm as malicious. It is considered malicious because: - The...

7.4AI score
Exploits0
Rows per page
Query Builder