Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CVE
CVEadded 2023/03/06 6:5 p.m.207 views

CVE-2023-26054

BuildKit's CVE-2023-26054 vulnerability occurs when a build request includes a Git URL containing credentials and BuildKit creates a provenance attestation; the credentials could be exposed to anyone with access to the attestation. This affects builds using provenance attestations and VCS hints i...

6.5CVSS6.6AI score0.01033EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistadded 2023/03/06 6:5 p.m.20 views

CVE-2023-26054 Credentials inlined to Git URLs could end up in provenance attestation in BuildKit

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In affected versions when the user sends a build request that contains a Git URL that contains credentials and the build creates a provenance attestation describing that build,...

6.5CVSS7.5AI score0.01033EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2022/11/22 12:0 a.m.4 views

CVE-2022-38462

Silverstripe silverstripe/framework through 4.11 is vulnerable to XSS by carefully crafting a return URL on a /dev/build or /Security/login request...

6AI score0.0068EPSS
Exploits0References3
CNVD
CNVDadded 2022/08/18 12:0 a.m.29 views

Google Android Elevation of Privilege Vulnerability (CNVD-2022-61747)

Google Android is a Linux-based open source operating system from Google, Inc. An elevation of privilege vulnerability exists in Google Android, which is caused by AvatarPhotoController.java,. By sending a build request, an attacker can exploit this vulnerability to gain elevated privileges...

7.8CVSS4.5AI score0.00013EPSS
Exploits0References1
CNVD
CNVDadded 2021/08/10 12:0 a.m.52 views

Linux kernel denial-of-service vulnerability (CNVD-2021-60514)

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. Linux kernel is vulnerable due to a failure to properly access permissions flaw in the shadow page in arch/x86/kvm/mmu/pagingtmpl.h. By sending a build request, a local attacker could exploit this flaw t...

5.5CVSS2.3AI score0.00079EPSS
Exploits1References1
CNVD
CNVDadded 2017/09/08 12:0 a.m.2 views

Apache Solr File Acquisition Vulnerability

Apache Solr is a U.S. Apache Apache Software Foundation based on Lucene a full-text search engine architecture of the search server , which supports level search , vertical search , highlighting search results , a variety of output formats and so on. A security vulnerability exists in Apache Solr...

7.5CVSS7.5AI score0.11857EPSS
Exploits0References1
OSV
OSVadded 2013/07/08 5:55 p.m.1 views

DEBIAN-CVE-2013-1059

net/ceph/authnone.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via an authreply message that triggers an attempted buildrequest operation...

7.8CVSS6.4AI score0.01137EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2013/07/08 12:0 a.m.1 views

PT-2013-2847 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 3.10 Description: The issue allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and system crash, or possibly have other unspecified impacts. This is achieved via an auth...

7.8CVSS6.8AI score0.01137EPSS
Exploits8References263
Rows per page
Query Builder