Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

Snyk
Snykadded 2025/12/16 10:32 p.m.0 views

Malicious Package

Overview platformid is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/08/14 6:52 p.m.3 views

Malicious code in platformid (npm)

The package platformid was found to contain malicious code...

7AI score
Exploits0
OSV
OSVadded 2025/08/14 6:52 p.m.1 views

MAL-2025-29378 Malicious code in platformid (npm)

The package platformid was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVEadded 2025/02/05 10:37 p.m.6 views

CVE-2022-36089

KubeVela is an application delivery platform Users using KubeVela's VelaUX APIServer could be affected by an authentication bypass vulnerability. In KubeVela prior to versions 1.4.11 and 1.5.4, VelaUX APIServer uses the PlatformID as the signed key to generate the JWT tokens for users. Another AP...

9.8CVSS6.9AI score0.00336EPSS
Exploits0
Prion
Prionadded 2022/09/07 11:15 p.m.13 views

Authentication flaw

KubeVela is an application delivery platform Users using KubeVela's VelaUX APIServer could be affected by an authentication bypass vulnerability. In KubeVela prior to versions 1.4.11 and 1.5.4, VelaUX APIServer uses the PlatformID as the signed key to generate the JWT tokens for users. Another AP...

7.5CVSS9.4AI score0.00336EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2022/09/07 11:0 p.m.12 views

CVE-2022-36089 VelaUX APIServer vulnerable to Authentication Bypass by Capture-replay

KubeVela is an application delivery platform Users using KubeVela's VelaUX APIServer could be affected by an authentication bypass vulnerability. In KubeVela prior to versions 1.4.11 and 1.5.4, VelaUX APIServer uses the PlatformID as the signed key to generate the JWT tokens for users. Another AP...

8.2CVSS9.7AI score0.00336EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2022/09/07 11:0 p.m.4 views

CVE-2022-36089 VelaUX APIServer vulnerable to Authentication Bypass by Capture-replay

KubeVela is an application delivery platform Users using KubeVela's VelaUX APIServer could be affected by an authentication bypass vulnerability. In KubeVela prior to versions 1.4.11 and 1.5.4, VelaUX APIServer uses the PlatformID as the signed key to generate the JWT tokens for users. Another AP...

8.2CVSS9.5AI score0.00336EPSS
Exploits0References2
CNNVD
CNNVDadded 2022/09/07 12:0 a.m.1 views

KubeVela 安全漏洞

KubeVela is a modern application delivery platform open-sourced by KubeVela. A security vulnerability exists in KubeVela versions prior to 1.4.11 and 1.5.4, which stems from the fact that its VelaUX APIServer uses the PlatformID as a signing key to generate JWT tokens for users. Another API calle...

9.8CVSS8.3AI score0.00336EPSS
Exploits0References3
ossfuzz
ossfuzzadded 2016/10/31 12:57 p.m.15 views

libchewing: Negative-size-param in _Inner_InternalSpecialSymbol

Project: https://github.com/chewing/libchewing.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5836280051007488 Fuzzer: libFuzzerlibchewingchewingdynamicconfigfuzzer Job Type: libfuzzerasanlibchewing Platform Id: linux Crash Type: Negative-size-param Crash Address: Cras...

7.2AI score
Exploits0Affected Software1
Rows per page
Query Builder