Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

OSV
OSVadded 2026/05/04 6:30 p.m.1 views

GHSA-VXGG-MQX2-3W59 Apache Polaris has an Improper Input Validation Issue

Apache Polaris accepts literal characters in namespace and table names. When it later builds temporary S3 access policies for delegated table access, those same characters appear to be reused unescaped in S3 IAM resource patterns and s3:prefix conditions. In S3 IAM policy matching, is treated as ...

9.9CVSS5.8AI score0.00136EPSS
Exploits0References5
CNNVD
CNNVDadded 2026/05/04 12:0 a.m.6 views

Apache Polaris 输入验证错误漏洞

Apache Polaris is a data management and query service component of the Apache Foundation. Version 1.4.0 of Apache Polaris contains a vulnerability related to input validation. This vulnerability arises from the acceptance of literal asterisk characters in namespace and table names without proper...

9.9CVSS5.8AI score0.00136EPSS
Exploits0References1
OSV
OSVadded 2025/11/11 12:17 a.m.1 views

MAL-2025-63636 Malicious code in jaja-lapis93-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0316bb5bf53071bf08699fb6bb813d42df2649e890d29406fcecbce9cf7a962e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
Cvelist
Cvelistadded 2020/07/29 2:53 p.m.20 views

CVE-2020-8553 Kubernetes ingress-nginx Compromise of auth via subset/superset namespace names

The Kubernetes ingress-nginx component prior to version 0.28.0 allows a user with the ability to create namespaces and to read and create ingress objects to overwrite the password file of another ingress which uses nginx.ingress.kubernetes.io/auth-type: basic and which has a hyphenated namespace ...

5.9CVSS5.7AI score0.00523EPSS
Exploits0References1
Veracode
Veracodeadded 2019/05/02 5:51 a.m.16 views

Information Disclosure

Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.6.1. See the following advisory for the container imag...

7.5CVSS7.5AI score0.00182EPSS
Exploits0References18Affected Software10
RedHat Linux
RedHat Linuxadded 2016/07/20 12:11 p.m.1 views

OpenJDK: maximum XML name limit not applied to namespace URIs (JAXP, 8148872)

Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508...

5.3CVSS7.4AI score0.07521EPSS
Exploits0References5
Rows per page
Query Builder