8 matches found

IBM Security Bulletins
added 2024/11/12 6:47 p.m. | 17 views

Security Bulletin: IBM Master Data Management has identified a cross-site scripting vulnerability affecting Inspector application and supporting API's (CVE-2023-46187)

Summary: InfoSphere Master Data Management v11.6, v12.0, and v14.0 were found to be vulnerable to cross-site scripting in Inspector application. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

CVSS 5.4 | AI score 5.7 | EPSS 0.00268
Exploits: 0 | Affected Software: 1
Prion
added 2023/05/29 3:15 a.m. | 17 views

Cross site scripting

OX App Suite before frontend 7.10.6-rev24 allows XSS via a non-app deeplink such as the jslob API's registry sub-tree...

CVSS 5.8 | AI score 5.9 | EPSS 0.00428
Exploits: 0 | References: 2 | Affected Software: 1
Github Security Blog
added 2022/05/14 1:28 a.m. | 33 views

Improper Input Validation in .Net Framework API's

A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'...

CVSS 5.9 | AI score 4 | EPSS 0.04518
Exploits: 0 | References: 7 | Affected Software: 2
OSV
added 2022/05/13 1:07 a.m. | 27 views

GHSA-2CJC-RGMP-X649 Traefik Missing Authentication

Containous Traefik 1.6.x before 1.6.6, when --api is used, exposes the configuration and secret if authentication is missing and the API's port is publicly reachable...

CVSS 7.5 | AI score 7.6 | EPSS 0.02868
Exploits: 0 | References: 6
Ivan 'd0znpp' Novikov
added 2021/06/04 5:50 a.m. | 236 views

API Securing in 2021 — Top 10 Best Practices

API Securing in 2021📋 — Top 10 Best Practices I love drawing inspiration from real life and today's article is no different. I often get asked the question on how to hack an API but what some people don’t realise is that almost everything is connected to an API these days, even the smart fridges i...

AI score 8.2
Exploits: 0
AlpineLinux
added 2021/02/27 12:00 a.m. | 41 views

CVE-2021-3197

An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via sshoptions provided in an API request...

CVSS 9.8 | AI score 9.6 | EPSS 0.72327
Exploits: 0
OpenVAS
added 2019/02/13 12:00 a.m. | 218 views

Microsoft .NET Framework Multiple Vulnerabilities (KB4483451)

This host is missing an important security update according to Microsoft KB4483451. Copyright (C) 2019 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

AI score 7.1
Exploits: 0 | References: 3
NVD
added 2018/07/13 6:29 p.m. | 21 views

CVE-2018-1000211

Doorkeeper version 4.2.0 and later contains an Incorrect Access Control vulnerability in the Token revocation API's authorized method that can result in access tokens not being revoked for public OAuth apps, leaking access until expiry...

CVSS 7.5 | AI score 7.5 | EPSS 0.01611
Exploits: 0 | References: 2