
10 matches found

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2024-20704

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 7.9 · EPSS 0.00656
Exploits 1 · References 1
OSV
added 2024/09/04 2:15 p.m. · 2 views

CVE-2024-7923

An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue arises from Apache's mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers,...

CVSS 9.8 · AI score 5.7 · EPSS 0.004
Exploits 0 · References 6
RedhatCVE
added 2024/09/04 1:40 p.m. · 32 views

CVE-2024-7012

An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache's mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing...

CVSS 9.8 · AI score 7.2 · EPSS 0.00216
Exploits 0 · References 3
Positive Technologies
added 2024/02/16 12:0 a.m. · 2 views

PT-2024-18913 · Unknown · Caddy-Security

Name of the Vulnerable Software and Affected Versions: github.com/greenpau/caddy-security, all versions
Description: The issue is related to Server-side Request Forgery (SSRF) via X-Forwarded-Host header manipulation. An attacker can expose sensitive information, interact with internal services, or...

CVSS 6.9 · AI score 5.5 · EPSS 0.00157
Exploits 1 · References 9
Positive Technologies
added 2023/05/04 12:0 a.m. · 2 views

PT-2023-20505 · Gin Gonic +1 · Gin +1

Name of the Vulnerable Software and Affected Versions: github.com/gin-gonic/gin versions prior to 1.9.0
Description: The issue is related to Improper Input Validation, allowing an attacker to use a specially crafted request via the X-Forwarded-Prefix header, potentially leading to cache poisoning...

CVSS 7.3 · AI score 5.2 · EPSS 0.00318
Exploits 1 · References 19
Positive Technologies
added 2021/05/06 12:0 a.m. · 2 views

PT-2021-4072 · Unknown · Modsecurity

Name of the Vulnerable Software and Affected Versions: ModSecurity versions 3.x before 3.0.4. ModSecurity version 3.0.4 is not affected, so the range can be simplified to versions prior to 3.0.4.
Description: The issue is related to incorrect parsing of key-value pairs, which can lead to a "string...

CVSS 5.3 · AI score 5.2 · EPSS 0.00382
Exploits 1 · References 11
Veracode
added 2020/09/02 5:54 a.m. · 13 views

Prototype Pollution

gedi is vulnerable to prototype pollution. The vulnerability exists as it does not restrict the proto header to be set through the set function...

CVSS 9.8 · AI score 2 · EPSS 0.00386
Exploits 1 · References 1 · Affected Software 1
ArchLinux
added 2015/10/23 12:0 a.m. · 65 views

jre7-openjdk: multiple issues

CVE-2015-4734 (information disclosure): It was discovered that the JGSS component of OpenJDK did not properly hide Kerberos realm information from all error exceptions when running under Security Manager. An untrusted Java application or applet could use this flaw to obtain certain information about...

CVSS 10 · AI score 1.5 · EPSS 0.18255
Exploits 0 · References 22
ArchLinux
added 2015/10/23 12:0 a.m. · 62 views

jre7-openjdk-headless: multiple issues

CVE-2015-4734 (information disclosure): It was discovered that the JGSS component of OpenJDK did not properly hide Kerberos realm information from all error exceptions when running under Security Manager. An untrusted Java application or applet could use this flaw to obtain certain information about...

CVSS 10 · AI score 1.5 · EPSS 0.18255
Exploits 0 · References 22
Positive Technologies
added 2015/07/26 12:0 a.m. · 4 views

PT-2015-6103

Name of the Vulnerable Software and Affected Versions: Web Console versions prior to 2.1.3; Ruby on Rails versions 3.x and 4.x
Description: The issue allows remote attackers to bypass the whitelisted_ips protection mechanism via a crafted request. This is due to the improper restriction of...

CVSS 4.3 · AI score 5.8 · EPSS 0.85262
Exploits 6 · References 21