Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

25 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-51007

Malicious code in bioql PyPI...

6.3CVSS5AI score0.00099EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2023-35289

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00171EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 3:36 a.m.7 views

CVE-2023-30951

The Foundry Magritte plugin rest-source was found to be vulnerable to an an XML external Entity attack XXE...

6.5CVSS6.9AI score0.00171EPSS
Exploits0References1
OSV
OSVadded 2023/08/03 10:15 p.m.3 views

CVE-2023-30951

The Foundry Magritte plugin rest-source was found to be vulnerable to an an XML external Entity attack XXE...

6.5CVSS5.7AI score0.00171EPSS
Exploits0References1
NVD
NVDadded 2023/08/03 10:15 p.m.12 views

CVE-2023-30951

The Foundry Magritte plugin rest-source was found to be vulnerable to an an XML external Entity attack XXE...

6.5CVSS6.3AI score0.00171EPSS
Exploits0References1
Prion
Prionadded 2023/08/03 10:15 p.m.32 views

Xxe

The Foundry Magritte plugin rest-source was found to be vulnerable to an an XML external Entity attack XXE...

4CVSS6.5AI score0.00171EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2023/08/03 9:7 p.m.44 views

CVE-2023-30951

Summary: CVE-2023-30951 concerns the Foundry Magritte plugin rest-source, which is reported to be vulnerable to an XML External Entity (XXE) attack. Affected component: Rest-source plugin for Foundry Magritte (exact versions not specified in the provided documents). Root cause / vulnerability typ...

6.5CVSS6.3AI score0.00171EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2023/08/03 9:7 p.m.13 views

CVE-2023-30951 CVE-2023-30951

The Foundry Magritte plugin rest-source was found to be vulnerable to an an XML external Entity attack XXE...

6.3CVSS6.7AI score0.00171EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2023/08/03 9:7 p.m.6 views

CVE-2023-30951 CVE-2023-30951

The Foundry Magritte plugin rest-source was found to be vulnerable to an an XML external Entity attack XXE...

6.3CVSS6.9AI score0.00171EPSS
Exploits0References1
CNNVD
CNNVDadded 2023/08/03 12:0 a.m.4 views

Palantir Foundry Code Issue Vulnerability

Palantir Foundry is a business process management platform from US-based Palantir, Inc. A security vulnerability exists in the Palantir Foundry magritte rest-source plugin that stems from the presence of an XML External Entity Injection XXE vulnerability...

6.5CVSS7.2AI score0.00171EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2023/08/03 12:0 a.m.19 views

PT-2023-23081 · Foundry · The Foundry Magritte Plugin Rest-Source

Name of the Vulnerable Software and Affected Versions: The Foundry Magritte plugin rest-source affected versions not specified Description: The issue is related to an XML external Entity attack XXE in the rest-source plugin. This type of attack allows an attacker to access local or remote content...

6.5CVSS6.2AI score0.00171EPSS
Exploits0References3
OSV
OSVadded 2023/02/16 4:15 p.m.0 views

CVE-2022-48307

It was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack...

3.7CVSS5.8AI score
Exploits0References1
NVD
NVDadded 2023/02/16 4:15 p.m.11 views

CVE-2022-48307

It was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack...

6.3CVSS6.2AI score0.00099EPSS
Exploits0References1
Prion
Prionadded 2023/02/16 4:15 p.m.31 views

Authentication flaw

It was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack...

3.6CVSS4.2AI score0.00099EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2023/02/16 12:0 a.m.13 views

CVE-2022-48307

It was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack...

6.3CVSS6.4AI score0.00099EPSS
Exploits0References1
CNNVD
CNNVDadded 2023/02/16 12:0 a.m.1 views

Palantir 信任管理问题漏洞

Palantir is a data platform from Palantir, Inc. that reimagines how people use data by removing the barriers between back-end data management and front-end data analysis. A security vulnerability exists in Palantir Magritte-ftp prior to version 9.466.0, which originates from a hostname in an...

6.3CVSS5.2AI score0.00099EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2023/02/16 12:0 a.m.3 views

CVE-2022-48307

It was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack...

6.3CVSS6.8AI score0.00099EPSS
Exploits0References1
CVE
CVEadded 2023/02/16 12:0 a.m.40 views

CVE-2022-48307

The CVE-2022-48307 entry concerns Magritte-ftp where hostnames were not verified in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. This allowed a network-positioned attacker to perform a man-in-the-middle attack, intercepting and potentially reading or modifying traff...

6.3CVSS4.2AI score0.00099EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2022/11/04 4:15 p.m.9 views

CVE-2022-27893

The Foundry Magritte plugin osisoft-pi-web-connector versions 0.15.0 - 0.43.0 was found to be logging in a manner that captured authentication requests. This vulnerability is resolved in osisoft-pi-web-connector version 0.44.0...

4.2CVSS0.00058EPSS
Exploits0References1
OSV
OSVadded 2022/11/04 4:15 p.m.1 views

CVE-2022-27893

The Foundry Magritte plugin osisoft-pi-web-connector versions 0.15.0 - 0.43.0 was found to be logging in a manner that captured authentication requests. This vulnerability is resolved in osisoft-pi-web-connector version 0.44.0...

4.2CVSS5.7AI score
Exploits0References1
Rows per page
Query Builder