8 matches found

AstraLinux
added 2026/05/20 5:53 a.m., 3 views

Astra Linux - vulnerability in openjdk-11

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, and Oracle GraalVM for JDK products of Oracle Java SE component: Libraries. The supported versions affected by this vulnerability are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise...

CVSS 3.7, AI score 6.8, EPSS 0.00083
Exploits: 0, References: 2
Snyk
added 2026/03/07 1:59 a.m., 1 view

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the ValidateStdioConfig process. An attacker can execute arbitrary commands with application privileges by bypassing argument validation using the -p flag in npx node. This allows full system compromise through...

CVSS 9.9, AI score 6, EPSS 0.00083
Exploits: 1, References: 2
Wallarm Lab
added 2025/11/21 12:00 p.m., 5 views

APIs Are the Retail Engine: How to Secure Them This Black Friday

Can you ever imagine the impact on your business if it went offline on Black Friday or Cyber Monday due to a cyberattack? Black Friday is the biggest day in the retail calendar. It’s also the riskiest. As you gear up for huge surges in online traffic, ask yourself: have you protected the APIs on...

AI score 7.7
Exploits: 0
EUVD
added 2025/10/03 8:07 p.m., 2 views

EUVD-2024-47859

Malicious code in bioql PyPI...

CVSS 7.5, AI score 7.5, EPSS 0.00412
Exploits: 0, References: 5
RedhatCVE
added 2025/05/23 2:28 a.m., 6 views

CVE-2023-3709

The Royal Elementor Addons plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 1.3.70 due to the plugin adding the API key to the source code of any page running the MailChimp block. This makes it possible for unauthenticated attackers to...

CVSS 5.3, AI score 6.9, EPSS 0.00395
Exploits: 0, References: 1
Cvelist
added 2024/11/06 2:54 p.m., 17 views

CVE-2024-6861 Foreman: foreman: oauth secret exposure via unauthenticated access to the graphql api

A disclosure of sensitive information flaw was found in foreman via the GraphQL API. If the introspection feature is enabled, it is possible for attackers to retrieve sensitive admin authentication keys which could result in a compromise of the entire product's API...

CVSS 7.5, EPSS 0.00412
Exploits: 0, References: 5
CVE
added 2022/01/28 10:04 a.m., 60 views

CVE-2022-24071

CVE-2022-24071 affects Whale browser prior to 3.12.129.46. A built-in extension vulnerability can compromise the rendering process, potentially enabling an attacker to control browser internal APIs. Exploitation details, affected versions beyond the cited release, and concrete remediation steps a...

CVSS 4.3, AI score 4.6, EPSS 0.00206
Exploits: 0, References: 1, Affected Software: 1
Schneier on Security
added 2021/02/08 12:34 p.m., 53 views

NoxPlayer Android Emulator Supply-Chain Attack

It seems to be the season of sophisticated supply-chain attacks. This one is in the NoxPlayer Android emulator: ESET says that based on evidence its researchers gathered, a threat actor compromised one of the company's official API (api.bignox.com) and file-hosting servers (res06.bignox.com). Using th...

AI score 1.1
Exploits: 0