
7 matches found

GitHub Security Blog
added 2026/01/02 3:23 p.m. | 6 views

Signal K Server Vulnerable to Remote Code Execution via Malicious npm Package

The SignalK appstore interface allows administrators to install npm packages through a REST API endpoint. While the endpoint validates that the package name exists in the npm registry as a known plugin or webapp, the version parameter accepts arbitrary npm version specifiers including URLs. npm...

CVSS 8.6 | AI score 8 | EPSS 0.0005
Exploits: 1 | References: 5 | Affected Software: 1

NVD
added 2025/03/27 11:15 p.m. | 9 views

CVE-2025-2885

Missing validation of the root metadata version number could allow an actor to supply an arbitrary version number to the client instead of the intended version in the root metadata file, altering the version fetched by the client. Users should upgrade to tough version 0.20.0 or later and ensure...

CVSS 5.7 | EPSS 0.00255
Exploits: 0 | References: 3

OSV
added 2025/03/27 11:15 p.m. | 2 views

CVE-2025-2885

Missing validation of the root metadata version number could allow an actor to supply an arbitrary version number to the client instead of the intended version in the root metadata file, altering the version fetched by the client. Users should upgrade to tough version 0.20.0 or later and ensure...

CVSS 4.5 | AI score 7.2
Exploits: 0 | References: 3

Tenable Nessus
added 2024/06/03 12:00 a.m. | 24 views

RHEL 8 : python-pip (Unpatched Vulnerability)

The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-pip: when --extra-index-url option is used and package does not already exist in the public index, the...

CVSS 7.8 | AI score 6.7 | EPSS 0.03726
Exploits: 1 | References: 2

Tenable Nessus
added 2024/05/11 12:00 a.m. | 26 views

RHEL 7 : python-pip (Unpatched Vulnerability)

The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-pip: when --extra-index-url option is used and package does not already exist in the public index,...

AI score 7.3 | EPSS 0.03726
Exploits: 3 | References: 3

Tenable Nessus
added 2021/04/15 12:00 a.m. | 39 views

EulerOS Virtualization 2.9.1 : python-pip (EulerOS-SA-2021-1728)

According to the version of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - DISPUTED An issue was discovered in pip all versions because it installs the version with the highest version number, even if th...

CVSS 7.8 | AI score 6.5 | EPSS 0.03726
Exploits: 0 | References: 2

Tenable Nessus
added 2021/04/15 12:00 a.m. | 41 views

EulerOS Virtualization 2.9.0 : python-pip (EulerOS-SA-2021-1745)

According to the version of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - DISPUTED An issue was discovered in pip all versions because it installs the version with the highest version number, even if th...

CVSS 7.8 | AI score 6.5 | EPSS 0.03726
Exploits: 0 | References: 2