CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-0410

Malware in sbrugna...

7.5CVSS7.7AI score0.00257EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-4803

Malicious code in bioql PyPI...

5.9CVSS6.7AI score0.00349EPSS

Exploits0References11

Tenable Nessus•added 2025/08/24 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2019-11065

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used...

5.9CVSS6.7AI score0.00349EPSS

Exploits0References2

SUSE CVE•added 2023/02/15 4:13 a.m.•1 views

SUSE CVE-2019-11065

Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used. Dependency artifacts could have been maliciously compromised by a MITM attack against the ajax.googleapis.com web site...

5.9CVSS6.7AI score0.00349EPSS

Exploits0References3

CNNVD•added 2023/01/15 12:0 a.m.•1 views

pontifex.http SQL注入漏洞

pontifex.http is an application by Andrew Personal Developer. An SQL injection vulnerability exists in pontifex.http, which originates from unknown code in the file lib/Http.coffee and operates to cause SQL injection...

9.8CVSS6.6AI score0.00353EPSS

Exploits0References4

OSV•added 2022/05/13 1:21 a.m.•27 views

GHSA-PPRQ-4488-WGQX Insecure transport protocol in Gradle

5.9CVSS5.9AI score0.00349EPSS

Exploits0References6

Ubuntu•added 2021/03/15 10:44 p.m.•56 views

USN-4858-1: Gradle vulnerabilities

It was discovered that Gradle used an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins were used. A remote unauthenticated attacker could possibly use this issue to perform a machine-in-the-middle attack. CVE-2019-11065 It was discovered that...

5.9CVSS6.7AI score0.00349EPSS

Exploits1

UbuntuCve•added 2019/04/10 12:29 a.m.•31 views

CVE-2019-11065

5.9CVSS6.8AI score0.00349EPSS

Exploits0References3

OSV•added 2019/04/10 12:29 a.m.•24 views

CVE-2019-11065

5.9CVSS6.7AI score

Exploits0References4

OSV•added 2019/04/10 12:29 a.m.•1 views

DEBIAN-CVE-2019-11065

5.9CVSS6.6AI score0.00349EPSS

Exploits0References1

OSV•added 2019/04/10 12:29 a.m.•0 views

UBUNTU-CVE-2019-11065

5.9CVSS6.8AI score0.00349EPSS

Exploits0References4

NVD•added 2019/04/10 12:29 a.m.•13 views

CVE-2019-11065

5.9CVSS5.7AI score0.00349EPSS

Exploits0References4

CVE•added 2019/04/09 11:37 p.m.•79 views

CVE-2019-11065

CVE-2019-11065 affects Gradle versions 1.4–5.3.1, where the Gradle plugins for JavaScript or CoffeeScript used an insecure HTTP URL to fetch dependencies from ajax.googleapis.com. This path could allow MITM tampering of dependency artifacts. The provided connected documents confirm the vulnerabil...

5.9CVSS5.5AI score0.00349EPSS

Exploits0References4Affected Software1

Positive Technologies•added 2019/04/09 12:0 a.m.•2 views

PT-2019-12162 · Gradle +1 · Gradle +1

Name of the Vulnerable Software and Affected Versions: Gradle versions 1.4 through 5.3.1 Description: The issue arises from Gradle using an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used. This could allow dependency artifacts to be...

5.9CVSS5.8AI score0.00349EPSS

Exploits1References21

Github Security Blog•added 2018/08/06 8:12 p.m.•17 views

coffescript is malware

The coffescript package is a piece of malware that steals sensitive data such as a user's private SSH key and bash history, sending them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation If you have found coffescript installed in your...

7.5CVSS7.3AI score0.00257EPSS

Exploits0References3Affected Software1