Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

106 matches found

OSV
OSVadded 2023/03/24 10:1 p.m.19 views

GHSA-WP72-7HJ9-5265 Remote file existence check vulnerability in `mlflow server` and `mlflow ui` CLIs

Impact Users of the MLflow Open Source Project who are hosting the MLflow Model Registry using the mlflow server or mlflow ui commands using an MLflow version older than MLflow 2.2.1 may be vulnerable to a remote file existence check exploit if they are not limiting who can query their server for...

4.8CVSS4.7AI score0.00578EPSS
Exploits1References6
Kitploit
Kitploitadded 2023/02/04 11:30 a.m.29 views

EAST - Extensible Azure Security Tool - Documentation

Extensible Azure Security Tool Later referred as E.A.S.T is tool for assessing Azure and to some extent Azure AD security controls. Primary use case of EAST is Security data collection for evaluation in Azure Assessments. This information JSON content can then be used in various reporting tools,...

7.7AI score
Exploits0References26
ATTACKERKB
ATTACKERKBadded 2022/07/18 12:0 a.m.243 views

CVE-2022-33891

The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in HttpSecurityFilter can allow someone to...

8.8CVSS9.7AI score0.92984EPSS
In wildExploits12References6
OSSF Malicious Packages
OSSF Malicious Packagesadded 2022/06/20 8:12 p.m.3 views

Malicious code in protobufjs-databricks (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2ae198b4c60528a62453f589485b597ef1cfc87e25d9af4500e8445aac5b5c3b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSVadded 2022/06/20 8:12 p.m.7 views

MAL-2022-5489 Malicious code in protobufjs-databricks (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2ae198b4c60528a62453f589485b597ef1cfc87e25d9af4500e8445aac5b5c3b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Kaspersky
Kasperskyadded 2021/12/16 12:0 a.m.595 views

KLA12392 RCE vulnerability in Microsoft Azure

Remote code execution vulnerability was found in Microsoft Azure. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2021-44228 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such malware is...

10CVSS9.8AI score0.99999EPSS
Exploits346References6
Rows per page
Query Builder