
7 matches found

Snyk
added 2026/01/16 12:30 p.m. (1 view)

Insertion of Sensitive Information into Log File

Overview: apache-airflow-providers-microsoft-azure is a provider package for Apache Airflow. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the proxies and proxy fields in a Connection. An attacker ca...

CVSS: 7.5, AI score: 5.6, EPSS: 0.00035
Exploits: 0, References: 2
OSV
added 2026/01/16 11:16 a.m. (2 views)

CVE-2025-68675

In Apache Airflow versions before 3.1.6, and 2.11.1 the proxies and proxy fields within a Connection may include proxy URLs containing embedded authentication information. These fields were not treated as sensitive by default and therefore were not automatically masked in log output. As a result,...

CVSS: 7.5, AI score: 5.9
Exploits: 0, References: 3
RedhatCVE
added 2026/01/15 10:32 p.m. (1 view)

CVE-2026-0600

Server-Side Request Forgery (SSRF) vulnerability in Sonatype Nexus Repository 3 versions 3.0.0 and later allows authenticated administrators to configure proxy repositories with URLs that can access unintended network destinations, potentially including cloud metadata services and internal network...

CVSS: 6.2, AI score: 6.8, EPSS: 0.0009
Exploits: 0, References: 1
CNNVD
added 2026/01/14 12:00 a.m. (3 views)

Sonatype Nexus Repository security vulnerability

Sonatype Nexus Repository is a repository manager from Sonatype, Inc. that is used for managing, storing, and distributing software, among other things. A security vulnerability exists in Sonatype Nexus Repository 3 3.0.0 and later versions, which stems from improper validation of proxy repositor...

CVSS: 6.2, AI score: 7.1, EPSS: 0.0009
Exploits: 0, References: 2
Positive Technologies
added 2026/01/14 12:00 a.m. (2 views)

PT-2026-2966

Name of the Vulnerable Software and Affected Versions: Sonatype Nexus Repository versions 3.0.0 and later. Description: A Server-Side Request Forgery (SSRF) issue exists in Sonatype Nexus Repository. Authenticated administrators can configure proxy repositories with URLs that may access unintended...

CVSS: 6.2, AI score: 6.6, EPSS: 0.0009
Exploits: 0, References: 4
Vulnrichment
added 2025/05/09 8:59 p.m. (10 views)

CVE-2025-47269 code-server session cookie can be extracted by having user visit specially crafted proxy URL

code-server runs VS Code on any machine anywhere through browser access. Prior to version 4.99.4, a maliciously crafted URL using the proxy subpath can result in the attacker gaining access to the session token. Failure to properly validate the port for a proxy request can result in proxying to a...

CVSS: 8.3, AI score: 8.2, EPSS: 0.00331
Exploits: 0, References: 3
Veracode
added 2023/06/21 2:38 a.m. (20 views)

Path Traversal

gradio is vulnerable to Path Traversal. The vulnerability exists because the library does not properly restrict the proxy URLs, which allows an attacker to access and read arbitrary files outside the expected directory through the malicious proxy URL...

CVSS: 9.1, AI score: 6.8, EPSS: 0.0028
Exploits: 0, References: 4, Affected Software: 1