Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Github Security Blog
Github Security Blogadded 2020/03/03 3:32 p.m.99 views

HTTP Response Splitting in Styx

Vulnerability Styx is vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers 'HTTP Response Splitting'. Vulnerable Component The vulnerable component is the com.hotels.styx.api.HttpHeaders.Builder due to disabling the HTTP Header validation built into Netty in these...

6.5CVSS0.1AI score0.00319EPSS
Exploits1References4Affected Software1
Hacker One
Hacker Oneadded 2019/03/06 1:14 p.m.33 views

Semmle: Authenticated Cross-Site-Request-Forgery

Summary: I have read the T&C to be eligible for bounty on this program. As per T&C authenticated CSRF requests are eligible for a bounty. I am not looking for the Bounty, However I want to give you an update on Authenticated CSRF that I have found. In the "Account Settings", a user can change his...

6.6AI score
Exploits0
seebug.org
seebug.orgadded 2017/09/06 12:0 a.m.154 views

Apache Struts2 S2-052 (CVE-2017-9805)

In this post I'll describe how I customized a standard lgtm query to find a remote code execution vulnerability in Apache Struts. A more general announcement about this vulnerability can be found here. It has been assigned CVE-2017-9805, a security bulletin can be found here on the Struts website...

6.8CVSS9AI score0.94322EPSS
Exploits23
Rows per page
Query Builder