9 matches found

EUVD
added 2025/10/03 8:07 p.m. | 2 views

EUVD-2024-3409

Malicious code in bioql PyPI...

CVSS 6.3 | AI score 6.2 | EPSS 0.00709
Exploits 0 | References 4

EUVD
added 2025/10/03 8:07 p.m. | 2 views

EUVD-2023-0807

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.4 | EPSS 0.00451
Exploits 0 | References 2

Tenable Nessus
added 2025/09/03 12:00 a.m. | 1 views

Linux Distros Unpatched Vulnerability : CVE-2023-0821

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad and Nomad Enterprise 1.2.15 up to 1.3.8, and 1.4.3 jobs using a maliciously compressed artifact stanza source can cause excessive disk usage...

CVSS 6.5 | AI score 6.4 | EPSS 0.00451
Exploits 0 | References 2

OSV
added 2024/12/04 3:29 p.m. | 9 views

CVE-2024-54132 GitHub CLI allows downloading malicious GitHub Actions workflow artifact to result in path traversal vulnerability

The GitHub CLI is GitHub’s official command line tool. A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through gh run download. This vulnerability stems from ...

CVSS 6.3 | AI score 6.3 | EPSS 0.00709
Exploits 0 | References 4

Vulnrichment
added 2024/12/04 3:29 p.m. | 13 views

CVE-2024-54132 GitHub CLI allows downloading malicious GitHub Actions workflow artifact to result in path traversal vulnerability

The GitHub CLI is GitHub’s official command line tool. A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through gh run download. This vulnerability stems from ...

CVSS 6.3 | AI score 7.1 | EPSS 0.00709
Exploits 0 | References 2

OSV
added 2024/02/06 3:15 p.m. | 0 views

CVE-2024-24590

Deserialization of untrusted data can occur in versions 0.17.0 to 1.14.2 of the client SDK of Allegro AI’s ClearML platform, enabling a maliciously uploaded artifact to run arbitrary code on an end user’s system when interacted with...

CVSS 8.8 | AI score 6
Exploits 0 | References 1

Github Security Blog
added 2022/05/23 8:16 p.m. | 39 views

Malicious HTML+XHR Artifact Privilege Escalation in Argo Workflows

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. The attacker creates a workflow that produces a HTML artifact that contains a HTML file that contains a script which uses XHR calls to interact with the Argo Server API. The attacker...

CVSS 7.1 | AI score 6.9 | EPSS 0.00334
Exploits 0 | References 5 | Affected Software 1

RedhatCVE
added 2021/01/27 8:56 p.m. | 33 views

CVE-2021-21272

A flaw was found in oras. The directory support feature allows the downloaded gzipped tarballs to be automatically extracted to the user-specified directory where the tarball can have symbolic links and hard links. A well-crafted tarball or tarballs allow malicious artifact providers linking,...

CVSS 7.7 | AI score 1.6 | EPSS 0.00304
Exploits 0 | References 4

OSV
added 2021/01/25 7:15 p.m. | 17 views

CVE-2021-21272

ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnerability. The directory support feature allows the downloade...

CVSS 7.7 | AI score 6.5
Exploits 0 | References 4