Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Microsoft CVE
Microsoft CVEadded 2020/12/21 8:0 a.m.2 views

The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command because a Content-Disposition header can have ../ in a filename as demonstrated by overwriting the /root/.ssh/authorized_keys file. This occurs in _download_http_url in _internal/download.py.

...

7.5CVSS7AI score0.00622EPSS
Exploits1
CNVD
CNVDadded 2020/09/30 12:0 a.m.4 views

MetInfo SQL Injection Vulnerability (CNVD-2021-05409)

MetInfo using PHP + Mysql architecture, is a very SEO-friendly, full-featured, support for multi-language, responsive display, extremely suitable for business, corporate website construction cms station-building system. MetInfo 7.0.0 beta version has SQL injection vulnerability. Attackers can...

9.8CVSS8.1AI score0.00546EPSS
Exploits1References1
PyPA
PyPAadded 2020/09/04 8:15 p.m.4 views

PYSEC-2020-173

The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorizedkeys file. This occurs in downloadhttpurl in internal/download.py...

7.5CVSS9AI score0.00622EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder