
6 matches found

Hacker One
added 2025/02/03 12:10 p.m., 994 views

Autodesk: Stored Cross-Site Scripting found in custom integration app on https://admin.b360.autodesk.com.

Stored Cross-Site Scripting was found in custom integration app on https://admin.b360.autodesk.com. The vulnerability could have allowed an attacker to inject malicious JavaScript code when viewed by users. The issue was fixed by Autodesk...

6.2 AI score
Exploits: 0

NVD
added 2023/10/25 6:17 p.m., 13 views

CVE-2023-46124

Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in runtime environments, and the enforcement of privacy regulations in code. The Fides web application allows a custom integration to be uploaded as a ZIP file containing configuration and...

8.2 CVSS, 8.2 AI score, 0.00107 EPSS
Exploits: 0, References: 3

Github Security Blog
added 2023/10/24 2:14 a.m., 23 views

Fides Server-Side Request Forgery Vulnerability in Custom Integration Upload

Impact: The Fides web application allows a custom integration to be uploaded as a ZIP file containing configuration and dataset definitions in YAML format. It was discovered that specially crafted YAML dataset and config files allow a malicious user to perform arbitrary requests to internal system...

8.2 CVSS, 6.9 AI score, 0.00107 EPSS
Exploits: 0, References: 5, Affected Software: 1

Github Security Blog
added 2023/09/07 12:59 p.m., 20 views

Remote Code Execution in Custom Integration Upload

Impact: The Fides webserver API allows custom integrations to be uploaded as a ZIP file. This ZIP file must contain YAML files, but Fides can be configured to also accept the inclusion of custom Python code in it. The custom code is executed in a restricted, sandboxed environment, but the sandbox...

8.8 CVSS, 7.5 AI score, 0.00071 EPSS
Exploits: 0, References: 4, Affected Software: 1

Vulnrichment
added 2023/09/06 5:54 p.m., 9 views

CVE-2023-41319 Remote Code Execution in Custom Integration Upload in Fides

Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. The Fides webserver API allows custom integrations to be uploaded as a ZIP file. This ZIP file must contain YAML...

8.8 CVSS, 7.4 AI score, 0.00071 EPSS
Exploits: 0, References: 2

Hacker One
added 2020/12/10 2:38 p.m., 15 views

Helium: SSRF By adding a custom integration on console.helium.com

A Server Side Request Forgery vulnerability was found in the Add a custom Integration feature on console.helium.com. By creating a custom HTTP integration and setting the integration endpoint to http://169.254.169.254/latest/meta-data, private meta-data from the AWS EC2 instance running can be...

1.4 AI score
Exploits: 0