Lucene search

69 matches found

Tenable Nessus
added 2025/10/30 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-40104

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ixgbevf: fix mailbox API compatibility by negotiating supported features There was backward compatibility in the terms of mailbox API. Various drivers from...

AI score: 6, EPSS: 0.00183
Exploits: 0, References: 4

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2013-4238

Malware in sbrugna...

CVSS: 2.1, AI score: 6.2, EPSS: 0.00338
Exploits: 0, References: 5

EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2023-29654

Malicious code in bioql PyPI...

CVSS: 7.5, AI score: 7.5, EPSS: 0.00603
Exploits: 0, References: 2

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2023-27402

Malicious code in bioql PyPI...

CVSS: 9.8, AI score: 9.2, EPSS: 0.01274
Exploits: 1, References: 2

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2022-39797

Malicious code in bioql PyPI...

CVSS: 8.8, AI score: 8.6, EPSS: 0.00815
Exploits: 0, References: 2

Spring Security Advisories
added 2025/09/16 12:0 a.m., 3 views

API Versioning in Spring

In this 2nd blog post of the Road to GA series highlighting major features within the Spring portfolio for the next major versions to be released in November, I’m going to focus on the upcoming API Versioning support in Spring Framework 7. Introduction: API versioning is a challenging topic. Most...

AI score: 6.6
Exploits: 0

NVD
added 2025/09/14 5:15 a.m., 10 views

CVE-2025-59363

In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 even though this secret should only be returned when an App is first created,...

CVSS: 7.7, EPSS: 0.00303
Exploits: 0, References: 1

OSSF Malicious Packages
added 2025/08/14 6:52 p.m., 5 views

Malicious code in @epc-apps/api-version-test (npm)

The package @epc-apps/api-version-test was found to contain malicious code...

AI score: 7
Exploits: 0

ATTACKERKB
added 2025/07/25 12:0 a.m., 4 views

CVE-2025-29629

Gardyn Home Kit firmware before master.619, Home Kit Mobile Application before 2.11.0, and Home Kit Cloud API before 2.12.2026 uses weak default credentials for secure shell access. This may result in attackers gaining access to exposed Gardyn Home Kits...

CVSS: 9.1, AI score: 5.3, EPSS: 0.00469
Exploits: 2, References: 5

CNNVD
added 2025/07/21 12:0 a.m., 3 views

Cadwyn Cross-Site Scripting Vulnerability

Cadwyn is an API version control application by the individual developer Stanislav Zmiev. A cross-site scripting vulnerability exists in Cadwyn 5.4.3 and earlier versions, which stems from insufficient validation of the /docs endpoint version parameter input and could lead to a reflective...

CVSS: 7.6, AI score: 5.8, EPSS: 0.00244
Exploits: 0, References: 3

OSV
added 2025/06/29 12:30 p.m., 5 views

MAL-2025-5316 Malicious code in plugin-api-version (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f4f1500b9b02566e5be415a195e434461c5dc160084330f80c8eb4c726a2563b The OpenSSF Package Analysis project identified 'plugin-api-version' ...

AI score: 7.3
Exploits: 0

OSSF Malicious Packages
added 2025/06/29 12:30 p.m., 4 views

Malicious code in plugin-api-version (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f4f1500b9b02566e5be415a195e434461c5dc160084330f80c8eb4c726a2563b The OpenSSF Package Analysis project identified 'plugin-api-version' ...

AI score: 7.1
Exploits: 0

RedhatCVE
added 2025/06/23 8:38 a.m., 6 views

CVE-2024-4994

An issue has been discovered in GitLab CE/EE affecting all versions from 16.1.0 before 16.11.5, all versions starting from 17.0 before 17.0.3, all versions starting from 17.1.0 before 17.1.1 which allowed for a CSRF attack on GitLab's GraphQL API leading to the execution of arbitrary GraphQL...

CVSS: 8.1, AI score: 7.2, EPSS: 0.00352
Exploits: 1, References: 1

OSV
added 2025/06/19 11:15 a.m., 5 views

CVE-2025-32896

Summary: Unauthorized users can perform Arbitrary File Read and Deserialization attacks by submitting a job using restful api-v1. Details: Unauthorized users can access /hazelcast/rest/maps/submit-job to submit a job. An attacker can set extra params in the mysql url to perform Arbitrary File Read and...

CVSS: 6.5, AI score: 9.5
Exploits: 0, References: 3

RedhatCVE
added 2025/05/23 2:9 a.m., 11 views

CVE-2023-42284

Blind SQL injection in apiversion parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query...

CVSS: 9.8, AI score: 7.8, EPSS: 0.01247
Exploits: 2, References: 1

RedhatCVE
added 2025/05/22 5:57 a.m., 5 views

CVE-2017-11667

OpenProject before 6.1.6 and 7.x before 7.0.3 mishandles session expiry, which allows remote attackers to perform APIv3 requests indefinitely by leveraging a hijacked session...

CVSS: 8.1, AI score: 8.1, EPSS: 0.0142
Exploits: 0, References: 1

Snyk
added 2025/03/20 12:32 p.m., 4 views

Denial of Service (DoS)

Overview: hyperlpr3 is a vehicle license plate recognition package. Affected versions of this package are vulnerable to Denial of Service (DoS) through the /api/v1/rec endpoint. An attacker can cause the server to consume excessive resources and become unavailable by appending characters, such as dashes -, ...

CVSS: 8.7, AI score: 7.1, EPSS: 0.00489
Exploits: 0, References: 2

NVD
added 2025/01/12 10:15 p.m., 19 views

CVE-2024-42179

HCL MyXalytics is affected by sensitive information disclosure vulnerability. The HTTP response header exposes the Microsoft-HTTP API∕2.0 as the server's name & version...

CVSS: 2.7, EPSS: 0.0022
Exploits: 0, References: 1

OSV
added 2024/12/05 7:6 p.m., 5 views

GHSA-VXCF-C7MX-PG53 Build corruption when using `PYO3_CONFIG_FILE` environment variable

In PyO3 0.23.0 the `PYO3_CONFIG_FILE` environment variable used to configure builds regressed such that changing the environment variable would no longer trigger PyO3 to reconfigure and recompile. In combination with workflows using tools such as maturin to build for multiple versions in a single...

AI score: 7.1
Exploits: 0, References: 3

NVD
added 2023/11/07 8:15 a.m., 19 views

CVE-2023-42284

Blind SQL injection in apiversion parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query...

CVSS: 9.8, AI score: 9.6, EPSS: 0.01247
Exploits: 2, References: 1