8005 matches found

OSV
added 2024/10/23 7:15 p.m. | 11 views

CVE-2024-48964

The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted Gradle project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directory name. Snyk recommends only scanning...

CVSS 8.8 | AI score 7.1
Exploits: 0 | References: 1

OSV
added 2024/10/23 7:15 p.m. | 5 views

CVE-2024-48963

The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directory name. Snyk recommends only scanning truste...

CVSS 9.8 | AI score 7.1
Exploits: 0 | References: 1

NVD
added 2024/10/23 7:15 p.m. | 16 views

CVE-2024-48963

The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directory name. Snyk recommends only scanning truste...

CVSS 9.8 | EPSS 0.0043
Exploits: 0 | References: 1

NVD
added 2024/10/23 7:15 p.m. | 18 views

CVE-2024-48964

The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted Gradle project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directory name. Snyk recommends only scanning...

CVSS 8.8 | EPSS 0.0043
Exploits: 0 | References: 1

Chainguard
added 2024/10/23 7:15 p.m. | 69 views

CVE-2024-48964 vulnerabilities

Vulnerabilities for packages: snyk-cli...

CVSS 8.8 | AI score 6.9 | EPSS 0.0043
Exploits: 0

Chainguard
added 2024/10/23 7:15 p.m. | 13 views

CVE-2024-48963 vulnerabilities

Vulnerabilities for packages: snyk-cli...

CVSS 9.8 | AI score 6.9 | EPSS 0.0043
Exploits: 0

Wolfi
added 2024/10/23 7:15 p.m. | 30 views

CVE-2024-48964 vulnerabilities

Vulnerabilities for packages: snyk-cli...

CVSS 8.8 | AI score 7.8 | EPSS 0.0043
Exploits: 0

Wolfi
added 2024/10/23 7:15 p.m. | 85 views

CVE-2024-48963 vulnerabilities

Vulnerabilities for packages: snyk-cli...

CVSS 9.8 | AI score 7.2 | EPSS 0.0043
Exploits: 0

Vulnrichment
added 2024/10/23 6:24 p.m. | 12 views

CVE-2024-48963

The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directory name. Snyk recommends only scanning truste...

CVSS 7.5 | AI score 7.3 | EPSS 0.0043
Exploits: 0 | References: 1

CVE
added 2024/10/23 6:24 p.m. | 289 views

CVE-2024-48963

The CVE-2024-48963 entry concerns Snyk CLI prior to 1.1294.0, which is vulnerable to Code Injection when scanning an untrusted PHP project due to improper handling of the current working directory name. The vulnerability is triggered if Snyk test is run inside the untrusted project. Affected comp...

CVSS 9.8 | AI score 7.4 | EPSS 0.0043
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2024/10/23 6:24 p.m. | 29 views

CVE-2024-48963

The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directory name. Snyk recommends only scanning truste...

CVSS 7.5 | EPSS 0.0043
Exploits: 0 | References: 1

Vulnrichment
added 2024/10/23 6:24 p.m. | 12 views

CVE-2024-48964

The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted Gradle project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directory name. Snyk recommends only scanning...

CVSS 7.5 | AI score 7.2 | EPSS 0.0043
Exploits: 0 | References: 1

CVE
added 2024/10/23 6:24 p.m. | 280 views

CVE-2024-48964

The CVE-2024-48964 entry concerns the Snyk CLI prior to 1.1294.0, vulnerable to Code Injection when scanning an untrusted Gradle project due to improper handling of the current working directory name. Affected software: Snyk CLI (pre-1.1294.0). Impact: potential code injection during a test run i...

CVSS 8.8 | AI score 7.3 | EPSS 0.0043
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2024/10/23 6:24 p.m. | 20 views

CVE-2024-48964

The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted Gradle project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directory name. Snyk recommends only scanning...

CVSS 7.5 | EPSS 0.0043
Exploits: 0 | References: 1

NVD
added 2024/10/23 6:15 p.m. | 18 views

CVE-2024-20412

A vulnerability in Cisco Firepower Threat Defense FTD Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials. This vulnerability is due to the presence of static accounts with hard-coded...

CVSS 9.3 | EPSS 0.00206
Exploits: 0 | References: 1

CVE
added 2024/10/23 5:39 p.m. | 91 views

CVE-2024-20412

Cisco Firepower Threat Defense (FTD) Software on Firepower 1000, 2100, 3100, and 4200 Series contains static accounts with hard-coded passwords, enabling an unauthenticated, local attacker to access the CLI with those credentials. A successful exploit could allow data access, limited troubleshoot...

CVSS 9.3 | AI score 9 | EPSS 0.00206
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2024/10/23 5:39 p.m. | 28 views

CVE-2024-20412

A vulnerability in Cisco Firepower Threat Defense FTD Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials. This vulnerability is due to the presence of static accounts with hard-coded...

CVSS 9.3 | EPSS 0.00206
Exploits: 0 | References: 1

CVE
added 2024/10/23 5:29 p.m. | 38 views

CVE-2024-20370

CVE-2024-20370 describes a local privilege-escalation in Cisco FXOS CLI on certain ASA/FTD hardware. The root cause is insecure storage/permissions of system configurations and executables, enabling an authenticated, local attacker with valid admin credentials to elevate to root after steps that ...

CVSS 6 | AI score 5.9 | EPSS 0.00167
Exploits: 0 | References: 1

Vulnrichment
added 2024/10/23 5:29 p.m. | 8 views

CVE-2024-20370

A vulnerability in the Cisco FXOS CLI feature on specific hardware platforms for Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to elevate their administrative privileges to root. The attacker would need...

CVSS 6 | AI score 6.6 | EPSS 0.00167
Exploits: 0 | References: 1

Cvelist
added 2024/10/23 5:29 p.m. | 14 views

CVE-2024-20370

A vulnerability in the Cisco FXOS CLI feature on specific hardware platforms for Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to elevate their administrative privileges to root. The attacker would need...

CVSS 6 | EPSS 0.00167
Exploits: 0 | References: 1