A puppet made me cry and all I got was this t-shirt
Welcome to this week's edition of the Threat Source newsletter. Anyone who spoke with me in the last several weeks has had to deal with me loudly waiting in anticipation for the long-awaited "Project Hail Mary" movie adaptation. I read and cried over the book by Andy Weir, who's also the author o...
CVE-2023-51663
Hail is an open-source, general-purpose, Python-based data analysis tool with additional data types and methods for working with genomic data. Hail relies on OpenID Connect OIDC email addresses from ID tokens to verify the validity of a user's domain, but because users have the ability to change...
Authentication Bypass
hail is vulnerable to Authentication Bypass. The vulnerability is due to improper validation while handling OpenID Connect OIDC email addresses. This lack of verification of the user's email domain allows an attacker to manipulate their email address to match an organization's domain with...
Design/Logic Flaw
Hail is an open-source, general-purpose, Python-based data analysis tool with additional data types and methods for working with genomic data. Hail relies on OpenID Connect OIDC email addresses from ID tokens to verify the validity of a user's domain, but because users have the ability to change...
PYSEC-2023-271
Hail is an open-source, general-purpose, Python-based data analysis tool with additional data types and methods for working with genomic data. Hail relies on OpenID Connect OIDC email addresses from ID tokens to verify the validity of a user's domain, but because users have the ability to change...
CVE-2023-51663 Hail authentication can be bypassed by changing email address
Hail is an open-source, general-purpose, Python-based data analysis tool with additional data types and methods for working with genomic data. Hail relies on OpenID Connect OIDC email addresses from ID tokens to verify the validity of a user's domain, but because users have the ability to change...
CVE-2023-51663
Hail authentication issue (CVE-2023-51663) affects Hail with Hail Batch accounts. Root cause: relying on OIDC email addresses to verify user domain; users can change their emails, enabling creation of Hail Batch accounts in domains they shouldn’t access. Impact stated: attacker cannot access priv...
Hail Security Vulnerability
Hail is a Python-based open source general purpose data analysis tool with additional data types and methods for working with genomic data. A security vulnerability exists in versions prior to Hail 0.2.127 that stems from the fact that Hail relies on the OpenID Connect OIDC email address in the I...
analytics-zoo (>=0.2.0 <=0.10.0), azureml-webservice-schema (>=0.1.57 <=1.0.33) +33 more potentially affected by CVE-2020-9480 via pyspark (>=2.1.2 <=2.4.5)
pyspark PYPI version =2.1.2, =0.2.0, =0.1.57, =0.11.0, =0.1.2, =0.1.0, =1.0.0, =0.8.0, =0.2.1, =0.2.64 - intake-hive =0.1.0 - j11hail =0.2.53 - jmetalpy =0.9.0 - md2k-cerebral-cortex =3.0.0 and more Source cves: CVE-2020-9480 Source advisory: OSV:GHSA-WGX7-JWWM-CGJV...
analytics-zoo (>=0.2.0 <=0.10.0), azureml-webservice-schema (>=0.1.57 <=1.0.33) +33 more potentially affected by CVE-2020-9480 via pyspark (>=2.1.2 <=2.4.5)
pyspark PYPI version =2.1.2, =0.2.0, =0.1.57, =0.11.0, =0.1.2, =0.1.0, =1.0.0, =0.8.0, =0.2.1, =0.2.64 - intake-hive =0.1.0 - j11hail =0.2.53 - jmetalpy =0.9.0 - md2k-cerebral-cortex =3.0.0 and more Source cves: CVE-2020-9480 Source advisory: OSV:PYSEC-2020-95...
analytics-zoo (>=0.2.0 <=0.4.0), azureml-webservice-schema (>=0.1.57 <=1.0.33) +9 more potentially affected by CVE-2019-10099 via pyspark (>=2.1.2 <=2.3.2)
pyspark PYPI version =2.1.2, =0.2.0, =0.1.57, =0.8.0, =0.2.1, =2.0.3, =1.0.0rc2, =0.2.0, =0.2.4 Source cves: CVE-2019-10099 Source advisory: OSV:GHSA-FP5J-3FPF-MHJ5...
analytics-zoo (>=0.2.0 <=0.4.0), azureml-webservice-schema (>=0.1.57 <=1.0.33) +9 more potentially affected by CVE-2019-10099 via pyspark (>=2.1.2 <=2.3.2)
pyspark PYPI version =2.1.2, =0.2.0, =0.1.57, =0.8.0, =0.2.1, =2.0.3, =1.0.0rc2, =0.2.0, =0.2.4 Source cves: CVE-2019-10099 Source advisory: OSV:PYSEC-2019-114...
DARPA's Hail Mary Plan to Restart a Hacked US Electric Grid
On tiny Plum Island, DARPA stages a real-life blackout to put its grid recovery tools to the test...
Cyber Attack Management Tool: Armitage
Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Armitage aims to make Metasploit usable for security practitioners who understand hacking but don’t use Metasploit every...
Unfixed XSS vulnerability at www.dns.az
Security researcher sniper hail submitted, on 01/05/2010, a cross-site scripting (XSS) vulnerability affecting www.dns.az, which at the time of submission ranked 440154 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/12/2011. It is currentl...