
9 matches found

EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2024-2705

Malicious code in bioql PyPI...

6.5 CVSS | 6.5 AI score | 0.00225 EPSS
Exploits 0 | References 3
OSV
added 2025/06/25 4:45 p.m. | 1 view

MAL-2025-5388 Malicious code in data-catalog-api-schema (npm)

The package communicates with a domain associated with malicious activity...

7.1 AI score
Exploits 0
Veracode
added 2024/09/19 4:32 a.m. | 8 views

Prototype Pollution

@backstage/plugin-catalog-backend is vulnerable to Prototype Pollution. The vulnerability is caused due to improper user input sanitization in the catalog API, which allows an attacker to interrupt the service using a specially crafted query...

6.5 CVSS | 6.5 AI score | 0.00225 EPSS
Exploits 0 | References 2
Cvelist
added 2024/09/17 8:14 p.m. | 17 views

CVE-2024-45815 Prototype pollution in @backstage/plugin-catalog-backend

Backstage is an open framework for building developer portals. A malicious actor with authenticated access to a Backstage instance with the catalog backend plugin installed is able to interrupt the service using a specially crafted query to the catalog API. This has been fixed in the 1.26.0 relea...

6.5 CVSS | 0.00225 EPSS
Exploits 0 | References 1
OSV
added 2024/09/17 8:14 p.m. | 7 views

CVE-2024-45815 Prototype pollution in @backstage/plugin-catalog-backend

Backstage is an open framework for building developer portals. A malicious actor with authenticated access to a Backstage instance with the catalog backend plugin installed is able to interrupt the service using a specially crafted query to the catalog API. This has been fixed in the 1.26.0 relea...

6.5 CVSS | 6.3 AI score | 0.00225 EPSS
Exploits 0 | References 3
Debian
added 2023/05/27 11:0 a.m. | 33 views

[SECURITY] [DSA 5414-1] docker-registry security update

Debian Security Advisory DSA-5414-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 27, 2023 https://www.debian.org/security/faq -...

6.5 CVSS | 6.7 AI score | 0.00147 EPSS
Exploits 0
Positive Technologies
added 2021/02/02 12:0 a.m. | 2 views

PT-2021-11705 · Harbor · Harbor

Name of the Vulnerable Software and Affected Versions: Harbor versions 2.0 through 2.0.4; Harbor versions 2.1.x through 2.1.1. Description: The catalog's registry API is exposed on an unauthenticated path, allowing bypass of authorization. The vulnerable API endpoint is "GET /v2/ catalog/" which ca...

5.3 CVSS | 7.6 AI score | 0.00235 EPSS
Exploits 0 | References 13
Veracode
added 2019/05/16 2:16 a.m. | 24 views

Remote Code Execution (RCE)

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.51. See the following advisory for the container...

6.5 CVSS | 6.6 AI score | 0.93773 EPSS
Exploits 4 | References 24 | Affected Software 22
Veracode
added 2019/05/16 2:16 a.m. | 22 views

Cross-Site Scripting (XSS)

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.51. See the following advisory for the container...

6.1 CVSS | 6.3 AI score | 0.93773 EPSS
Exploits 4 | References 24 | Affected Software 22