Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

16 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2024-42218

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00031EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-3961

Malicious code in bioql PyPI...

8.3CVSS6.6AI score0.00049EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 11:59 a.m.4 views

CVE-2025-24858

Develocity formerly Gradle Enterprise before 2024.3.1 allows an attacker who has network access to a Develocity server to obtain the hashed password of the system user. The hash algorithm used by Develocity was chosen according to best practices for password storage and provides some protection...

8.3CVSS7AI score0.00049EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/02/05 1:9 a.m.2 views

CVE-2024-46881

Develocity formerly Gradle Enterprise before 2024.1.8 has Incorrect Access Control. Project-level access control configuration was introduced in Enterprise Config schema version 8. Migration functionality from schema version 8 to versions 9 and 10 in affected vulnerable versions does not include...

7.1CVSS6.6AI score0.00031EPSS
Exploits0
NVD
NVDadded 2025/01/26 7:15 a.m.8 views

CVE-2024-46881

Develocity formerly Gradle Enterprise before 2024.1.8 has Incorrect Access Control. Project-level access control configuration was introduced in Enterprise Config schema version 8. Migration functionality from schema version 8 to versions 9 and 10 in affected vulnerable versions does not include...

7.1CVSS0.00031EPSS
Exploits0References1
NVD
NVDadded 2025/01/26 6:15 a.m.13 views

CVE-2025-24858

Develocity formerly Gradle Enterprise before 2024.3.1 allows an attacker who has network access to a Develocity server to obtain the hashed password of the system user. The hash algorithm used by Develocity was chosen according to best practices for password storage and provides some protection...

8.3CVSS0.00049EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/01/26 12:0 a.m.15 views

CVE-2025-24858

Develocity formerly Gradle Enterprise before 2024.3.1 allows an attacker who has network access to a Develocity server to obtain the hashed password of the system user. The hash algorithm used by Develocity was chosen according to best practices for password storage and provides some protection...

8.3CVSS0.00049EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/01/26 12:0 a.m.1 views

PT-2025-5588 · Unknown · Develocity

Name of the Vulnerable Software and Affected Versions: Develocity versions prior to 2024.3.1 Description: The issue allows an attacker with network access to a Develocity server to obtain the hashed password of the system user. The hash algorithm used provides some protection against brute-force...

8.3CVSS7.2AI score0.00049EPSS
Exploits0References12
Vulnrichment
Vulnrichmentadded 2025/01/26 12:0 a.m.5 views

CVE-2024-46881

Develocity formerly Gradle Enterprise before 2024.1.8 has Incorrect Access Control. Project-level access control configuration was introduced in Enterprise Config schema version 8. Migration functionality from schema version 8 to versions 9 and 10 in affected vulnerable versions does not include...

7.1CVSS6.8AI score0.00031EPSS
Exploits0References1
CVE
CVEadded 2025/01/26 12:0 a.m.47 views

CVE-2024-46881

The CVE-2024-46881 issue in Develocity (Gradle Enterprise) stems from an incorrect access-control migration. Enterprise Config schema v8 introduced project-level access control; when upgrading to schemas 9/10, the projects section may be omitted, causing all project settings to reset to defaults ...

7.1CVSS6.7AI score0.00031EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/01/26 12:0 a.m.12 views

CVE-2024-46881

Develocity formerly Gradle Enterprise before 2024.1.8 has Incorrect Access Control. Project-level access control configuration was introduced in Enterprise Config schema version 8. Migration functionality from schema version 8 to versions 9 and 10 in affected vulnerable versions does not include...

7.1CVSS0.00031EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/01/26 12:0 a.m.1 views

Gradle 安全漏洞

Gradle is a set of JVM-based project building tools from Gradle, Inc. that supports maven, Ivy repositories, and more. A security vulnerability exists in Gradle Develocity versions prior to 2024.3.1, which stems from a vulnerability that allows an attacker with network access privileges to obtain...

8.3CVSS6.7AI score0.00049EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/01/26 12:0 a.m.2 views

PT-2025-2749 · Unknown · Develocity

Name of the Vulnerable Software and Affected Versions: Develocity versions 2023.3.X through 2023.4.X Develocity versions 2023.3.X through 2024.1.7 Develocity versions 2023.4.X through 2024.1.7 Develocity versions prior to 2024.1.8 Description: The issue arises from incorrect access control in...

7.1CVSS7.1AI score0.00031EPSS
Exploits0References9
CNNVD
CNNVDadded 2025/01/26 12:0 a.m.2 views

Gradle 安全漏洞

Gradle is a set of JVM-based project building tools from Gradle, Inc. that supports maven, Ivy repositories, and more. A security vulnerability exists in Gradle Develocity versions prior to 2024.1.8, which stems from an incorrectly migrated project access control configuration that results in...

7.1CVSS6.6AI score0.00031EPSS
Exploits0References1
CVE
CVEadded 2025/01/26 12:0 a.m.55 views

CVE-2025-24858

CVE-2025-24858 affects Develocity (formerly Gradle Enterprise) versions prior to 2024.3.1. A network-adjacent attacker can obtain the hashed system-user password from a Develocity server. The hash method is stated to follow password-storage best practices but remains vulnerable to offline attempt...

8.3CVSS7.2AI score0.00049EPSS
Exploits0References1
Spring Engineering
Spring Engineeringadded 2024/08/15 12:0 a.m.10 views

A Bootiful Podcast: Gradle and Develocity engineer and Spring community legend Eric Haag

Hi, Spring fans! In this episode I talk to Gradle and Develocity engineer and Spring community legend Eric Haag...

7.2AI score
Exploits0
Rows per page
Query Builder