7 matches found

OSV
added yesterday, 3 views

GHSA-32G3-35G9-WC9G @hulumi/drift: Drift classifier fails open on adapter errors and over-promotes Mixed verdicts

Affected: @hulumi/drift 1.4.0 — Fixed in: 1.4.0 — Severity: Medium — CWE-755 Improper Handling of Exceptional Conditions. Summary: @hulumi/drift runs four adapters that each ask a different question about whether a resource has drifted: Pulumi-state diff, provider-version change, CloudTrail event,...

8.4 CVSS, 5.4 AI score
Exploits: 0, References: 3

NVD
added 2026/03/09 11:16 a.m., 3 views

CVE-2026-25604

In AWS Auth manager, the origin of the SAML authentication has been used as provided by the client and not verified against the actual instance URL. This allowed to gain access to different instances with potentially different access controls by reusing SAML response from other instances. You...

5.4 CVSS, 0.00016 EPSS
Exploits: 1, References: 3

Positive Technologies
added 2026/03/09 12:0 a.m., 4 views

PT-2026-24054

In AWS Auth manager, the origin of the SAML authentication has been used as provided by the client and not verified against the actual instance URL. This allowed to gain access to different instances with potentially different access controls by reusing SAML response from other instances. You...

5.7 AI score, 0.00016 EPSS
Exploits: 1, References: 3

Tenable Nessus
added 2025/08/20 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2016-1000352

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for...

7.4 CVSS, 7.1 AI score, 0.00388 EPSS
Exploits: 0, References: 2

OSV
added 2024/08/05 8:15 a.m., 4 views

PYSEC-2024-265

Insufficient Session Expiration vulnerability in Apache Airflow Providers FAB. This issue affects Apache Airflow Providers FAB: 1.2.1 when used with Apache Airflow 2.9.3 and FAB 1.2.0 for all Airflow versions. The FAB provider prevented the user from logging out. FAB provider 1.2.1 only affected...

9.8 CVSS, 5.8 AI score, 0.00435 EPSS
Exploits: 0, References: 3

Cvelist
added 2023/07/13 7:35 a.m., 14 views

CVE-2023-37415 Apache Airflow Apache Hive Provider: Improper Input Validation in Hive Provider with proxy_user

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Apache Hive Provider. Patching on top of CVE-2023-35797 Before 6.1.2 the proxyuser option can also inject semicolon. This issue affects Apache Airflow Apache Hive Provider: before 6.1.2. It is recommended updatin...

9.4 AI score, 0.00401 EPSS
Exploits: 0, References: 2

NVD
added 2018/06/04 9:29 p.m., 23 views

CVE-2016-1000345

In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to padding oracle attack. For BC 1.55 and older, in an environment where timings can be easily observed, it is possible with enough observations to identify when the decryption is failing due to padding...

5.9 CVSS, 5.9 AI score, 0.00802 EPSS
Exploits: 0, References: 7