Lucene search
K

311 matches found

Nuclei
Nuclei
added yesterday192 views

Jfrog Artifactory <6.17.0 - Default Admin Password

Jfrog Artifactory prior to 6.17.0 uses default passwords such as "password" for administrative accounts and does not require users to change them. This may allow unauthorized network-based attackers to completely compromise of Jfrog Artifactory. id: CVE-2019-17444 info: name: Jfrog Artifactory...

9.8CVSS7AI score0.69445EPSS
Exploits0References4
Nuclei
Nuclei
added 2 days ago405 views

JFrog Artifactory 6.7.3 - Admin Login Bypass

JFrog Artifactory 6.7.3 is vulnerable to an admin login bypass issue because by default the access-admin account is used to reset the password of the admin account. While this is only allowable from a connection directly from localhost, providing an X-Forwarded-For HTTP header to the request allo...

9.8CVSS7AI score0.53879EPSS
Exploits3References5
Fedora
Fedora
added 4 days ago11 views

[SECURITY] Fedora 44 Update: jfrog-cli-2.112.0-1.fc44

JFrog CLI is a client that provides a simple interface that automates access to the JFrog products...

9.6CVSS6.6AI score0.00533EPSS
Exploits1
Snyk
Snyk
added 2026/06/11 9:0 p.m.9 views

Malicious Package

Overview solana-web3-stable is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/06/11 9:0 p.m.12 views

Malicious Package

Overview solana-js-client is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/06/11 9:0 p.m.13 views

Malicious Package

Overview @solana-labs/web3.js is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/06/11 9:0 p.m.12 views

Malicious Package

Overview solana-web3 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/06/11 9:0 p.m.9 views

Malicious Package

Overview solana-web3-py is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/06/11 9:0 p.m.12 views

Malicious Package

Overview solana-mev-bot is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2026/05/24 12:0 a.m.13 views

jfrog-cli-2.104.1-1.1 on GA media (moderate)

jfrog-cli-2.104.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:10844-1 Rating: moderate Cross-References: CVE-2025-11579 CVSS scores: CVE-2025-11579 SUSE : 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2025-11579 SUSE : 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA...

4.8CVSS7.3AI score0.00349EPSS
Exploits1
OSV
OSV
added 2026/05/23 12:0 a.m.15 views

OPENSUSE-SU-2026:10844-1 jfrog-cli-2.104.1-1.1 on GA media

These are all security issues fixed in the jfrog-cli-2.104.1-1.1 package on the GA media of openSUSE Tumbleweed...

6.5CVSS5.8AI score0.00349EPSS
Exploits1References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/21 12:47 p.m.11 views

Malicious code in zest-product (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9081ad708b658c1bd56299e401ca6a764cc9137d99573bc922d38a7381cc30d On npm install, postinstall.js collects host identity and environment data os.hostname, username, process.cwd, process.env values, plus shelled-out...

5.8AI score
Exploits0References3
Snyk
Snyk
added 2026/05/13 9:0 p.m.9 views

Malicious Package

Overview @kindo/selfbot is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Chainguard
Chainguard
added 2026/05/12 7:19 a.m.35 views

CVE-2026-45022 vulnerabilities

Vulnerabilities for packages: src-fingerprint-fips, gitaly-fips, kubevela, argo-workflows, bom, pulumi-kubernetes-operator, zarf, gptscript, google-osconfig-agent, crossplane-fips, kaniko-fips, kubescape-server, gitlab-rails-ce-fips, trufflehog-fips, kyverno, kubescape, coder,...

7.5CVSS6.1AI score0.00159EPSS
Exploits0
Chainguard
Chainguard
added 2026/05/12 7:19 a.m.9 views

GHSA-389R-GV7P-R3RP vulnerabilities

Vulnerabilities for packages: src-fingerprint-fips, gitaly-fips, kubevela, argo-workflows, bom, pulumi-kubernetes-operator, zarf, gptscript, google-osconfig-agent, crossplane-fips, kaniko-fips, kubescape-server, gitlab-rails-ce-fips, trufflehog-fips, kyverno, kubescape, coder,...

6.1AI score
Exploits0
Fedora
Fedora
added 2026/05/01 3:12 a.m.14 views

[SECURITY] Fedora 44 Update: jfrog-cli-2.98.0-1.fc44

JFrog CLI is a client that provides a simple interface that automates access to the JFrog products...

7.5CVSS5.3AI score0.0075EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.6 views

Fedora 44 : jfrog-cli (2026-6b87863841)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-6b87863841 advisory. Upstream release 2.98.0. https://github.com/jfrog/jfrog-cli/releases/tag/v2.98.0 Resolves the following security issues: CVE-2025-11579 CVE-2025-665...

7.5CVSS6.9AI score0.0075EPSS
Exploits3References13
Chainguard
Chainguard
added 2026/04/11 2:17 p.m.5 views

GHSA-HR2V-4R36-88HR vulnerabilities

Vulnerabilities for packages: zot, helm-operator-fips, cloudbeat, helm-set-status, kube-arangodb-fips, envoy-gateway, trivy-operator, consul-k8s-fips, zarf-fips, cloudbeat-fips, flux, linkerd2-fips, cerbos, helm-diff-fips, kubescape-server-fips, pluto-fips, cilium-cli, helm-diff,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/04/11 2:18 a.m.8 views

GHSA-X4JJ-H2V8-HQQV vulnerabilities

Vulnerabilities for packages: kube-state-metrics, gitaly-fips, runc, bom, nsc, amazon-ecs-agent-fips, harbor, azure-aad-pod-identity-mic, amazon-ecs-cni-plugins-fips, kubernetes-fips, helm-push, kyverno, terraform-fips, tigera-operator-fips, flux-helm-controller, mattermost, kbld, rclone-fips,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/04/11 2:18 a.m.13 views

CVE-2026-32288 vulnerabilities

Vulnerabilities for packages: kube-state-metrics, gitaly-fips, runc, bom, nsc, amazon-ecs-agent-fips, harbor, azure-aad-pod-identity-mic, amazon-ecs-cni-plugins-fips, kubernetes-fips, helm-push, kyverno, terraform-fips, tigera-operator-fips, flux-helm-controller, mattermost, kbld, rclone-fips,...

5.5CVSS6.2AI score0.0029EPSS
Exploits0
Rows per page
Query Builder