Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

OSV
OSVadded 2022/06/17 1:2 a.m.18 views

GHSA-5Q86-62XR-3R57 Uses of deprecated API can be used to cause DoS in user-facing endpoints

Impact Several HandleRoute endpoints make use of the deprecated ioutil.ReadAll. ioutil.ReadAll reads all the data into memory. As such, an attacker who sends a large request to the Argo Events server will be able to crash it and cause denial of service. Eventsources susceptible to an out-of-memor...

7.5CVSS7.3AI score0.00563EPSS
Exploits0References6
Github Security Blog
Github Security Blogadded 2022/06/17 1:2 a.m.35 views

Uses of deprecated API can be used to cause DoS in user-facing endpoints

Impact Several HandleRoute endpoints make use of the deprecated ioutil.ReadAll. ioutil.ReadAll reads all the data into memory. As such, an attacker who sends a large request to the Argo Events server will be able to crash it and cause denial of service. Eventsources susceptible to an out-of-memor...

7.5CVSS7.1AI score0.00563EPSS
Exploits0References6Affected Software1
NVD
NVDadded 2021/11/19 8:15 p.m.10 views

CVE-2021-41280

Sharetribe Go is a source available marketplace software. In affected versions operating system command injection is possible on installations of Sharetribe Go, that do not have a secret AWS Simple Notification Service SNS notification token configured via the snsnotificationtoken configuration...

9.8CVSS0.07631EPSS
Exploits0References3
Prion
Prionadded 2021/11/19 8:15 p.m.20 views

Command injection

Sharetribe Go is a source available marketplace software. In affected versions operating system command injection is possible on installations of Sharetribe Go, that do not have a secret AWS Simple Notification Service SNS notification token configured via the snsnotificationtoken configuration...

7.5CVSS9.6AI score0.07631EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2021/11/19 8:5 p.m.41 views

CVE-2021-41280

CVE-2021-41280 affects Sharetribe Go (OS configuration) where an operating system command injection is possible in affected versions that do not configure the secret SNS notification token via the sns_notification_token parameter. The issue is mitigated by upgrading to version 10.2.1, where the p...

9.8CVSS9.8AI score0.07631EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2021/11/19 8:5 p.m.11 views

CVE-2021-41280 OS command injection in Sharetribe Go

Sharetribe Go is a source available marketplace software. In affected versions operating system command injection is possible on installations of Sharetribe Go, that do not have a secret AWS Simple Notification Service SNS notification token configured via the snsnotificationtoken configuration...

9.8CVSS9.9AI score0.07631EPSS
Exploits0References3
Rows per page
Query Builder