Lucene search

8 matches found

EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2023-1744

Malicious code in bioql PyPI...

8.8 CVSS, 8.6 AI score, 0.02356 EPSS
Exploits 1, References 6
OSV
added 2023/06/06 4:46 p.m., 16 views

GHSA-86H2-2G4G-29QX avo possible unsafe reflection / partial DoS vulnerability

Summary The polymorphic field type stores the classes to operate on when updating a record with user input, and does not validate them in the back end. This can lead to unexpected behavior, remote code execution, or application crashes when viewing a manipulated record. Details After reviewing th...

8.3 CVSS, 8.6 AI score, 0.02356 EPSS
Exploits 1, References 6
Github Security Blog
added 2023/06/06 4:46 p.m., 17 views

avo possible unsafe reflection / partial DoS vulnerability

Summary The polymorphic field type stores the classes to operate on when updating a record with user input, and does not validate them in the back end. This can lead to unexpected behavior, remote code execution, or application crashes when viewing a manipulated record. Details After reviewing th...

8.8 CVSS, 7.1 AI score, 0.02356 EPSS
Exploits 1, References 6, Affected Software 1
Snyk
added 2023/06/06 10:41 a.m., 0 views

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation via the "polymorphic field" implementation, due to the lack of validation of user input when updating or creating a new polymorphic resource. An attacker can exploit this vulnerability by manipulating the class...

8.8 CVSS, 6.9 AI score, 0.02356 EPSS
Exploits 1, References 2
RubySec
added 2023/06/06 12:0 a.m., 18 views

avo possible unsafe reflection / partial DoS vulnerability

Summary The polymorphic field type stores the classes to operate on when updating a record with user input, and does not validate them in the back end. This can lead to unexpected behavior, remote code execution, or application crashes when viewing a manipulated record. Details After reviewing th...

8.8 CVSS, 7.7 AI score, 0.02356 EPSS
Exploits 1, References 1, Affected Software 1
Prion
added 2023/06/05 11:15 p.m., 11 views

Input validation

Avo is an open source ruby on rails admin panel creation framework. The polymorphic field type stores the classes to operate on when updating a record with user input, and does not validate them in the back end. This can lead to unexpected behavior, remote code execution, or application crashes...

6.5 CVSS, 8.8 AI score, 0.02356 EPSS
Exploits 1, References 2, Affected Software 1
OSV
added 2023/06/05 10:16 p.m., 8 views

CVE-2023-34102 Possible unsafe reflection / partial denial of service in avo

Avo is an open source ruby on rails admin panel creation framework. The polymorphic field type stores the classes to operate on when updating a record with user input, and does not validate them in the back end. This can lead to unexpected behavior, remote code execution, or application crashes...

8.3 CVSS, 8.5 AI score, 0.02356 EPSS
Exploits 1, References 4
CNNVD
added 2023/06/05 12:0 a.m., 2 views

Avo input validation error vulnerability

Avo is an open source ruby on rails admin panel creation framework from Avo Open Source. An input validation error vulnerability exists in Avo version 2.33.2, version 3.0.0.pre12. The vulnerability stems from a user storing input and updating a record class using a polymorphic field type that doe...

8.8 CVSS, 8.2 AI score, 0.02356 EPSS
Exploits 1, References 3