CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23 matches found

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-52215

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00463EPSS

Exploits1References3

RedhatCVE•added 2025/05/23 8:19 a.m.•3 views

CVE-2024-10620

A vulnerability was found in knightliao Disconf 2.6.36. It has been classified as critical. This affects an unknown part of the file /api/config/list of the component Configuration Center. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The explo...

6.9CVSS6.9AI score0.00501EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 12:48 a.m.•6 views

CVE-2022-4962

A vulnerability was found in Apollo 2.0.0/2.0.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /users of the component Configuration Center. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been...

4.3CVSS6.6AI score0.00463EPSS

Exploits1References1

Veracode•added 2024/11/14 7:19 a.m.•4 views

Improper Authentication

com.baidu.disconf:disconf-core is vulnerable to Improper Authentication. The vulnerability is due to a flaw in the Configuration Center component’s /api/config/list endpoint, which allows remote attackers to bypass authentication...

6.9CVSS6.9AI score0.00501EPSS

Exploits0References5Affected Software1

NVD•added 2024/11/01 5:15 a.m.•10 views

CVE-2024-10620

6.9CVSS0.00501EPSS

Exploits0References5

OSV•added 2024/11/01 5:15 a.m.•3 views

CVE-2024-10620

6.9CVSS5.4AI score0.00501EPSS

Exploits0References5

Vulnrichment•added 2024/11/01 4:31 a.m.•9 views

CVE-2024-10620 knightliao Disconf Configuration Center list improper authentication

6.9CVSS6.9AI score0.00501EPSS

Exploits0References5

Cvelist•added 2024/11/01 4:31 a.m.•29 views

CVE-2024-10620 knightliao Disconf Configuration Center list improper authentication

6.9CVSS0.00501EPSS

Exploits0References5

OSV•added 2024/01/12 10:15 p.m.•4 views

CVE-2022-4962

4.3CVSS6.5AI score

Exploits0References3

Prion•added 2024/01/12 10:15 p.m.•30 views

Authorization

4CVSS7.1AI score0.00463EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2024/01/12 10:0 p.m.•15 views

CVE-2022-4962 Apollo Configuration Center users improper authorization

4.3CVSS6.6AI score0.00463EPSS

Exploits1References3

CVE•added 2024/01/12 10:0 p.m.•50 views

CVE-2022-4962

Summary (CVE-2022-4962) : Several sources describe a vulnerability in Apollo 2.0.0/2.0.1 within the Configuration Center’s /users functionality, causing improper authorization. The issue is exploitable remotely and, per the documents, the exploit has been disclosed publicly. There is no publicly ...

4.3CVSS4.6AI score0.00463EPSS

Exploits1References3Affected Software1

Cvelist•added 2024/01/12 10:0 p.m.•29 views

CVE-2022-4962 Apollo Configuration Center users improper authorization

4.3CVSS4.9AI score0.00463EPSS

Exploits1References3

CNNVD•added 2024/01/12 12:0 a.m.•4 views

Apollo Authorization Issues Vulnerabilities

Apollo is a set of PHP scripts by Alex Breen, an individual developer. It is intended to provide a web-based interface for students to upload course assignments. An authorization issue vulnerability exists in Apollo versions 2.0.0 and 2.0.1, which stems from the inclusion of unknown functions in...

4.3CVSS6.9AI score0.00463EPSS

Exploits1References3

Positive Technologies•added 2024/01/12 12:0 a.m.•3 views

PT-2024-11900 · Apollo · Apollo

Name of the Vulnerable Software and Affected Versions: Apollo versions 2.0.0 through 2.0.1 Description: A vulnerability was found in the Configuration Center component, affecting some unknown functionality of the file /users. This issue leads to improper authorization and can be exploited remotel...

4.3CVSS4.8AI score0.00463EPSS

Exploits1References8

CNVD•added 2023/02/25 12:0 a.m.•11 views

Weak Password Vulnerability in E3 Omni-Channel Configuration Center of Shanghai Esaote Software Co.

Shanghai Esaote Software Co., Ltd. is an omni-channel digital retail solution provider, offering operational consulting and digital intelligence solutions for the retail industry. A weak password vulnerability exists in the E3 Omni-Channel Configuration Center of Shanghai Esaote Software...

6.8AI score

Exploits0

OSV•added 2021/09/08 8:14 p.m.•7 views

GHSA-R577-4HQ7-73QH Remote Code Execution in Apache Dubbo

Apache Dubbo supports various rules to support configuration override or traffic routing called routing in Dubbo. These rules are loaded into the configuration center eg: Zookeeper, Nacos, ... and retrieved by the customers when making a request in order to find the right endpoint. When parsing...

8.8CVSS6AI score0.01955EPSS

Exploits0References3

OSV•added 2021/09/07 10:15 a.m.•14 views

CVE-2021-36162

8.8CVSS8.6AI score

Exploits0References1

Cvelist•added 2021/09/07 9:25 a.m.•63 views

CVE-2021-36162 Unprotected yaml deserialization cause RCE

8.8AI score0.01955EPSS

Exploits0References1

CNNVD•added 2021/09/07 12:0 a.m.•16 views

Apache Dubbo 代码问题漏洞

Apache Dubbo is the United States Apache Apache Foundation of a lightweight Java-based RPC Remote Procedure Call framework. It provides interface-based remote calling, fault tolerance and load balancing, and automated service registration and discovery. A security vulnerability exists in Apache...

8.8CVSS8AI score0.01955EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by