26 matches found
EUVD-2023-3214
Malicious code in bioql PyPI...
CVE-2024-44076
In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access...
CVE-2023-48910
Microcks up to 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request...
Authorization Bypass
io.github.microcks, microcks is vulnerable to Authorization Bypass. The vulnerability is caused due to a missing validation around POST /api/import and POST /api/export endpoints. This leads to Authorization bypass...
io.github.microcks:microcks-uber-app (=1.10.0-fix-1) potentially affected by CVE-2024-44076 via io.github.microcks:microcks-app (=1.10.0-fix-1)
io.github.microcks:microcks-app MAVEN version =1.10.0-fix-1 is affected by a known vulnerability. The following packages have a transitive dependency on io.github.microcks:microcks-app and may be impacted: - io.github.microcks:microcks-uber-app =1.10.0-fix-1 Source cves: CVE-2024-44076 Source...
GHSA-R6PH-5FP2-3W2V Microcks's POST /api/import and POST /api/export endpoints allow non-administrator access
In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access...
Microcks's POST /api/import and POST /api/export endpoints allow non-administrator access
In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access...
CVE-2024-44076
In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access...
CVE-2024-44076
In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access...
CVE-2024-44076
In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access...
Microcks security vulnerability
Microcks is an open source Kubernetes tool for API mocking and testing. A security vulnerability exists in Microcks versions prior to 1.10.0 that stems from the POST /api/import and POST /api/export endpoints allowing non-administrative access...
CVE-2024-44076
Microcks before version 1.10.0 has a vulnerability where POST /api/import and POST /api/export allow non-administrator access. This is documented across multiple sources (including Red Hat, Veracode, GHSA, OSV, NVD) with CVE-2024-44076 and related advisories. The flaw enables unauthorized access ...
CVE-2024-44076
In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access...
PT-2024-30938 · Microcks · Microcks
Name of the Vulnerable Software and Affected Versions: Microcks versions prior to 1.10.0 Description: The issue allows non-administrator access to the "POST /api/import" and "POST /api/export" endpoints. Recommendations: For versions prior to 1.10.0, update to version 1.10.0 or later to resolve t...
This Week in Spring - February 27th, 2024
Hi, Spring fans! Welcome to another installment of This Week in Spring wherein we explore the latest-and-greatest in the wonderful world of Springdom. This week's going to be a very good one, so let's dive right into it! Good news everyone! Spring Boot's been updated! 3.3.0-M2, 3.2.3, and 3.1.9 a...
Server-Side Request Forgery (SSRF)
Microcks is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to the /jobs and /artifact/download components, which allow an attacker to access network resources and sensitive information via a crafted GET request, resulting in SSRF...
Microcks contains a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download
Microcks up to version 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request...
GHSA-GQJ2-324P-VX73 Microcks contains a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download
Microcks up to version 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request...
CVE-2023-48910
Microcks up to 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request...
CVE-2023-48910
Microcks up to 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request...