Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
πŸ”₯ Daily Hot!
πŸ’ͺ🏽 CPE Enhanced Advisories
πŸ•Ά Shadow Exploits
πŸ•΅πŸΌ Vulners CPE
πŸ” Security news
πŸ’» Exploit updates
πŸ“‘ Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
πŸ€– AI High Score
πŸ“° CVE Feed
show all

6 matches found

Packet Storm
Packet Stormβ€’added 2025/12/04 12:0 a.m.β€’129 views

πŸ“„ Azure APIM 2 Vulnerability Checker

This PHP script is a full vulnerability scanner with proof of concepts for Azure API Management APIM instances, focusing on the possibility of cross‑tenant account signup bypass through the Basic Auth Identity Provider...

7AI score
Exploits0
The Hacker News
The Hacker Newsβ€’added 2023/05/04 1:19 p.m.β€’3 views

Researchers Discover 3 Vulnerabilities in Microsoft Azure API Management Service

Three new security flaws have been disclosed in Microsoft Azure API Management service that could be abused by malicious actors to gain access to sensitive information or backend services. This includes two server-side request forgery SSRF flaws and one instance of unrestricted file upload...

7.7AI score
Exploits0
The Hacker News
The Hacker Newsβ€’added 2023/01/17 2:12 p.m.β€’71 views

Microsoft Azure Services Flaws Could've Exposed Cloud Resources to Unauthorized Access

Four different Microsoft Azure services have been found vulnerable to server-side request forgery SSRF attacks that could be exploited to gain unauthorized access to cloud resources. The security issues, which were discovered by Orca between October 8, 2022 and December 2, 2022 in Azure API...

0.3AI score
Exploits0
Hacker One
Hacker Oneβ€’added 2022/07/06 2:2 p.m.β€’7 views

U.S. Dept Of Defense: Unauthenticated access to internal API atβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ.β–ˆβ–ˆβ–ˆ.edu [HtUS]

There was unauthenticated access to internal API atβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ.β–ˆβ–ˆβ–ˆ.edu. Multiple API calls allowed an attacker to gain access to the internal API via the Azure API url appg3entcalapi.azurewebsites.net. The access toβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ.β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ.edu was only supposed to be available to internal users...

7.4AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesβ€’added 2022/06/20 8:10 p.m.β€’2 views

Malicious code in azure-api-style-guide (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 257d088a2c56246e87ea0068e7e5ffa617d5f06a13dac71c7aca131ab34dcf04 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSVβ€’added 2022/06/20 8:10 p.m.β€’8 views

MAL-2022-1234 Malicious code in azure-api-style-guide (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 257d088a2c56246e87ea0068e7e5ffa617d5f06a13dac71c7aca131ab34dcf04 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Rows per page
Query Builder