
9 matches found

EUVD • added 2025/10/03 8:7 p.m. • 4 views

EUVD-2023-12399

Malicious code in bioql PyPI...

CVSS 6.1 • AI score 5.9 • EPSS 0.00234
Exploits: 1 • References: 2

CVE • added 2023/01/17 12:0 a.m. • 66 views

CVE-2023-0337

CVE-2023-0337 is a reflected Cross-site Scripting (XSS) vulnerability in daloRADIUS (lirantal/daloradius) prior to the master-branch. Concrete detail: a PoC shows XSS in acct-maintenance-cleanup.php, enabling arbitrary JavaScript in the victim’s browser when a user interacts with manipulated inpu...

CVSS 6.1 • AI score 5.8 • EPSS 0.00234
Exploits: 1 • References: 2 • Affected Software: 1

NVD • added 2023/01/04 12:15 p.m. • 11 views

CVE-2023-0046

Improper Restriction of Names for Files and Other Resources in GitHub repository lirantal/daloradius prior to master-branch...

CVSS 7.2 • AI score 7 • EPSS 0.00416
Exploits: 2 • References: 2

CVE • added 2023/01/04 12:0 a.m. • 308 views

CVE-2023-0048

CVE-2023-0048 affects the daloradius project (lirantal/daloradius) with a code-injection vulnerability prior to the master branch. Root cause: insufficient input sanitization in configuration/update flows, notably where user-controlled data (e.g., email fields) can be written to PHP files and exe...

CVSS 8.8 • AI score 8.1 • EPSS 0.02163
Exploits: 2 • References: 2 • Affected Software: 1

Vulnrichment • added 2023/01/04 12:0 a.m. • 6 views

CVE-2023-0048 Code Injection in lirantal/daloradius

Code Injection in GitHub repository lirantal/daloradius prior to master-branch...

CVSS 7.2 • AI score 7.3 • EPSS 0.02163
Exploits: 2 • References: 2

Github Security Blog • added 2022/07/02 12:0 a.m. • 124 views

Command injection in git-clone

All versions of package git-clone are vulnerable to Command Injection due to insecure usage of the --upload-pack feature of git. Credits Credit to @lirantal for discovering this vulnerability...

CVSS 10 • AI score 9.4 • EPSS 0.04697
Exploits: 1 • References: 5 • Affected Software: 1

OSV • added 2022/05/03 12:0 a.m. • 27 views

GHSA-3X62-X456-Q2VM OS Command Injection in git-pull-or-clone

The package git-pull-or-clone before 2.0.2 is vulnerable to Command Injection due to the use of the --upload-pack feature of git which is also supported for git clone. The source includes the use of the secure child process API spawn. However, the outpath parameter passed to it may be a...

CVSS 9.8 • AI score 9.8 • EPSS 0.10388
Exploits: 1 • References: 5

Github Security Blog • added 2020/09/03 4:47 p.m. • 28 views

pullit vulnerable to command injection

Versions of pullit prior to 1.4.0 are vulnerable to Command Injection. The package does not validate input on git branch names and concatenates it to an exec call, allowing attackers to run arbitrary commands in the system. Recommendation Upgrade to version 1.4.0 or later. Credits This...

CVSS 9.8 • AI score 9.4 • EPSS 0.17562
Exploits: 1 • References: 6 • Affected Software: 1

OSV • added 2020/09/03 4:47 p.m. • 13 views

GHSA-8PX5-63X9-5C7P pullit vulnerable to command injection

Versions of pullit prior to 1.4.0 are vulnerable to Command Injection. The package does not validate input on git branch names and concatenates it to an exec call, allowing attackers to run arbitrary commands in the system. Recommendation Upgrade to version 1.4.0 or later. Credits This...

CVSS 9.8 • AI score 9.7 • EPSS 0.17562
Exploits: 1 • References: 6