CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

627 matches found

OSV•added 2024/05/30 3:15 p.m.•18 views

CVE-2024-3924

A code injection vulnerability exists in the huggingface/text-generation-inference repository, specifically within the autodocs.yml workflow file. The vulnerability arises from the insecure handling of the github.headref user input, which is used to dynamically construct a command for installing ...

4.4CVSS7.5AI score

Exploits0References2

OSV•added 2024/05/15 12:9 p.m.•20 views

BIT-CILIUM-2022-29178 Incorrect Default Permissions in Cilium

Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Cilium prior to versions 1.9.16, 1.10.11, and 1.11.15 contains an incorrect default permissions vulnerability. Operating Systems with users belonging to the group ID 100...

8.8CVSS8.3AI score0.00285EPSS

Exploits0References5

OSV•added 2024/05/15 12:8 p.m.•19 views

BIT-CILIUM-OPERATOR-2022-29178 Incorrect Default Permissions in Cilium

8.8CVSS8.3AI score0.00285EPSS

Exploits0References5

Circl•added 2024/05/14 1:13 a.m.•0 views

GHSA-WFM5-V35H-VWF4

creationtimestamp| type| source ---|---|--- 2024-05-14 01:13:35+00:00| published-proof-of-concept| https://t.me/CNArsenal/2483...

4.8AI score

Exploits0References1

CVE•added 2024/04/09 5:39 p.m.•96 views

CVE-2024-31457

Gin-vue-admin (CVE-2024-31457) has a backend code-injection risk via a directory-traversal flaw in the Plugin Template feature. The AutoPlug flow accepts PlugName, and through crafted input (e.g., ../../../server/ and related PoC payloads) an attacker can create or modify folders like api, config...

7.7CVSS7.7AI score0.00904EPSS

Exploits0References3

OSV•added 2024/04/09 5:39 p.m.•27 views

CVE-2024-31457 gin-vue-admin background arbitrary code coverage vulnerability

gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. gin-vue-admin pseudoversion 0.0.0-20240407133540-7bc7c3051067, corresponding to version 2.6.1, has a code injection vulnerability in the backend. In the Plugin System - Plugi...

7.7CVSS7.9AI score0.00904EPSS

Exploits0References5

Circl•added 2024/03/19 9:16 p.m.•0 views

GHSA-PMF3-C36M-G5CF

creationtimestamp| type| source ---|---|--- 2024-03-19 21:16:11+00:00| seen| https://t.me/ctinow/211934...

4.8AI score

Exploits0References1

Circl•added 2024/03/14 9:46 p.m.•1 views

GHSA-PHG6-44M7-HX3H

creationtimestamp| type| source ---|---|--- 2024-03-14 21:46:43+00:00| seen| https://t.me/ctinow/208193...

4.8AI score

Exploits0References1

Circl•added 2024/03/13 9:56 p.m.•2 views

GHSA-G627-R579-RW35

creationtimestamp| type| source ---|---|--- 2024-03-13 21:56:44+00:00| seen| https://t.me/ctinow/207190...

4.8AI score

Exploits0References1

Circl•added 2024/03/13 3:17 p.m.•2 views

GHSA-GF8P-V3G3-3WPH

creationtimestamp| type| source ---|---|--- 2024-03-13 15:17:10+00:00| seen| https://t.me/ctinow/206766...

4.8AI score

Exploits0References1

Github Security Blog•added 2024/03/12 3:50 p.m.•13 views

ASA-2024-006: ValidateVoteExtensions helper function in Cosmos SDK may allow incorrect voting power assumptions

ASA-2024-006: ValidateVoteExtensions helper function may allow incorrect voting power assumptions Component: Cosmos SDK Criticality: High Affected Versions: Cosmos SDK versions = 0.50.4, on 0.50 branches Affected Users: Chain developers, Validator and Node operators Impact: Elevation of Privilege...

6.7AI score

Exploits0References4Affected Software1

OSV•added 2024/03/12 3:50 p.m.•10 views

GHSA-95RX-M9M5-M94V ASA-2024-006: ValidateVoteExtensions helper function in Cosmos SDK may allow incorrect voting power assumptions

7.1CVSS6.7AI score

Exploits0References4

Circl•added 2024/03/08 9:52 p.m.•5 views

GHSA-35JJ-WX47-4W8R

creationtimestamp| type| source ---|---|--- 2024-03-08 21:52:10+00:00| seen| https://t.me/ctinow/203609...

4.8AI score

Exploits0References1

Circl•added 2024/03/08 12:7 a.m.•1 views

GHSA-C5Q2-7R4C-MV6G

creationtimestamp| type| source ---|---|--- 2024-03-08 00:07:20+00:00| seen| https://t.me/ctinow/202895 2025-02-13 19:15:35+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/4311...

4.8AI score

Exploits0References2

Circl•added 2024/03/06 8:46 p.m.•2 views

GHSA-MR9J-QQJH-67F2

creationtimestamp| type| source ---|---|--- 2024-03-06 20:46:37+00:00| seen| https://t.me/ctinow/201795...

4.8AI score

Exploits0References1

OSV•added 2024/03/06 10:54 a.m.•30 views

BIT-GRADLE-2021-29428 Local privilege escalation through system temporary directory

In Gradle before version 7.0, on Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. Gradle builds could be vulnerable to a local privilege escalation from an attacker quickly deleting and recreatin...

8.8CVSS8AI score0.00529EPSS

Exploits1References5

Circl•added 2024/03/02 5:41 p.m.•3 views

GHSA-HFXX-G56F-8H5V

creationtimestamp| type| source ---|---|--- 2024-03-02 17:41:37+00:00| seen| https://t.me/ctinow/198427...

4.8AI score

Exploits0References1

Circl•added 2024/02/29 11:56 p.m.•2 views

GHSA-PFW6-5RX3-XH3C

creationtimestamp| type| source ---|---|--- 2024-02-29 23:56:24+00:00| seen| https://t.me/ctinow/197130...

4.8AI score

Exploits0References1