
9 matches found

OSV
added 2026/06/13 2:10 a.m., 11 views

MAL-2026-5723 Malicious code in @ci-lifecycle-test/postinstall-ping (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75c160ad40a237c1e682c696ebd0aec2861ca072f47bd5b725bc80f7f95ed509 The package's postinstall lifecycle script postinstall.js executes automatically on npm install and POSTs the JSON-serialized contents of the entire...

AI score 5.5
Exploits 0, References 1

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2016-0909

Malware in sbrugna...

CVSS 10, AI score 8.7, EPSS 0.01412
Exploits 0, References 3

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2022-7127

Malicious code in bioql PyPI...

CVSS 5.3, AI score 5.5, EPSS 0.00512
Exploits 0, References 4

OSV
added 2024/06/17 10:30 p.m., 18 views

GHSA-6GR4-52W6-VMQX rke's credentials are stored in the RKE1 Cluster state ConfigMap

Impact When RKE provisions a cluster, it stores the cluster state in a configmap called full-cluster-state inside the kube-system namespace of the cluster itself. This cluster state object contains information used to set up the K8s cluster, which may include the following sensitive data: -...

CVSS 9.9, AI score 9.1, EPSS 0.00641
Exploits 0, References 6

OSV
added 2024/06/04 12:15 p.m., 4 views

CVE-2024-4254

The 'deploy-website.yml' workflow in the gradio-app/gradio repository, specifically in the 'main' branch, is vulnerable to secrets exfiltration due to improper authorization. The vulnerability arises from the workflow's explicit checkout and execution of code from a fork, which is unsafe as it...

CVSS 7.1, AI score 5.9, EPSS 0.0047
Exploits 1, References 1

Prion
added 2023/02/13 7:15 p.m., 13 views

Code injection

Redpanda before 22.3.12 discloses cleartext AWS credentials. The import functionality in the rpk binary logs an AWS Access Key ID and Secret in cleartext to standard output, allowing a local user to view the key in the console, or in Kubernetes logs if stdout output is collected. The fixed versio...

CVSS 1.7, AI score 5.3, EPSS 0.00266
Exploits 1, References 1, Affected Software 1

NVD
added 2018/03/29 10:29 p.m., 21 views

CVE-2016-0898

MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS access key in plaintext. These credentials were logged to the Service Backup component logs, and not the system log, thus were not exposed outside the Service Backup VM...

CVSS 10, AI score 9.5, EPSS 0.01412
Exploits 0, References 2

Prion
added 2018/03/29 10:29 p.m., 17 views

Design/Logic Flaw

MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS access key in plaintext. These credentials were logged to the Service Backup component logs, and not the system log, thus were not exposed outside the Service Backup VM...

CVSS 5, AI score 7.5, EPSS 0.01412
Exploits 0, References 2, Affected Software 1

Information Security Automation
added 2017/10/31 9:29 p.m., 74 views

Starting/stopping Amazon EC2 instances using CLI and Python SDK

It's a very good practice to scan your perimeter from the outside of your network, simulating an attacker. However, you will need to deploy the scanners somewhere to do this. Hosting on Amazon EC2 can be a good and cost-effective option, especially if you start instances with vulnerability scanne...

AI score 7.1
Exploits 0