3 matches found
CVE-2024-56800 Firecrawl has SSRF Vulnerability via malicious scrape target
Firecrawl is a web scraper that allows users to extract the content of a webpage for a large language model. Versions prior to 1.1.1 contain a server-side request forgery (SSRF) vulnerability. The scraping engine could be exploited by crafting a malicious site that redirects to a local IP address...
CVE-2024-52796 Password Pusher's rate limiter can be bypassed by forging proxy headers
Password Pusher, an open source application to communicate sensitive information over the web, comes with a configurable rate limiter. In versions prior to v1.49.0, the rate limiter could be bypassed by forging proxy headers, allowing bad actors to send unlimited traffic to the site potentially...
CVE-2024-52796
CVE-2024-52796 affects Password Pusher (open source web app). In versions before v1.49.0, the configurable rate limiter could be bypassed by forging proxy headers, allowing an attacker to send unlimited traffic and potentially cause a denial of service. The fix in v1.49.0 restricts proxy authoriz...