
7 matches found

CNNVD
added 2025/03/06 12:0 a.m. · 1 views

GitLab Enterprise Edition Security Vulnerability

GitLab Enterprise Edition EE is a content management system from GitLab, Inc. in the United States. A security vulnerability exists in GitLab Enterprise Edition that stems from improper privilege control and could lead to user access to sensitive project analysis data...

CVSS 4.3 · AI score 6.4 · EPSS 0.00032
Exploits: 1 · References: 2
OSV
added 2023/07/06 7:24 p.m. · 15 views

GHSA-4VRV-93C7-M92J snyk Code Injection vulnerability

The package snyk before 1.1064.0 is vulnerable to Code Injection when analyzing a project. An attacker who can convince a user to scan a malicious project can include commands in a build file such as build.gradle or gradle-wrapper.jar, which will be executed with the privileges of the application...

CVSS 8.8 · AI score 6.4 · EPSS 0.02656
Exploits: 1 · References: 8
NVD
added 2022/11/30 1:15 p.m. · 12 views

CVE-2022-24441

The package snyk before 1.1064.0 is vulnerable to Code Injection when analyzing a project. An attacker who can convince a user to scan a malicious project can include commands in a build file such as build.gradle or gradle-wrapper.jar, which will be executed with the privileges of the applicatio...

CVSS 8.8 · EPSS 0.02656
Exploits: 1 · References: 7
Prion
added 2022/11/30 1:15 p.m. · 17 views

Code injection

The package snyk before 1.1064.0 is vulnerable to Code Injection when analyzing a project. An attacker who can convince a user to scan a malicious project can include commands in a build file such as build.gradle or gradle-wrapper.jar, which will be executed with the privileges of the applicatio...

CVSS 6.8 · AI score 7.1 · EPSS 0.02656
Exploits: 2 · References: 7 · Affected Software: 3
Positive Technologies
added 2022/11/30 12:0 a.m. · 2 views

PT-2022-16699 · Microsoft +2 · Visual Studio +3

Name of the Vulnerable Software and Affected Versions: snyk versions prior to 1.1064.0; VS Code versions prior to 1.9.0; IntelliJ versions prior to 2.4.48; Visual Studio versions prior to 1.1.31; Eclipse versions prior to v20221115.132308; Language Server versions prior to v20221109.114426. Description...

CVSS 8.8 · AI score 9.4 · EPSS 0.02656
Exploits: 1 · References: 12
CNVD
added 2020/09/14 12:0 a.m. · 1 views

Apache NetBeans Unauthorized Code Loading Vulnerability

Apache NetBeans is a suite of software development platforms from the Apache Software Foundation in the United States. Apache NetBeans has a security vulnerability that can be exploited by a remote attacker to submit a special request to load project analysis code without receiving user consent...

CVSS 9.8 · AI score 7.2 · EPSS 0.05128
Exploits: 0 · References: 1
Prion
added 2020/09/09 4:15 p.m. · 7 views

Code injection

To be able to analyze gradle projects, the build scripts need to be executed. Apache NetBeans follows this pattern. This causes the code of the build script to be invoked at load time of the project. Apache NetBeans up to and including 12.0 did not request consent from the user for the analysis o...

CVSS 7.5 · AI score 9.4 · EPSS 0.05128
Exploits: 0 · References: 3 · Affected Software: 1