Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-8224

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00271EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.5 views

EUVD-2025-8231

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00208EPSS
Exploits1References3
OSV
OSVadded 2025/03/26 5:20 p.m.8 views

GHSA-RV78-QQRQ-73M5 Directus's S3 assets become unavailable after a burst of HEAD requests

Summary There's some tools that use Directus to sync content and assets. Some of those tools use HEAD method, like Shopify, to check the existence of files. Although, when making many HEAD requests at once, at some point, all assets are being served as 403. Details When I was investigating this...

5.3CVSS6.8AI score0.00208EPSS
Exploits1References3
Github Security Blog
Github Security Blogadded 2025/03/26 5:20 p.m.15 views

Directus's S3 assets become unavailable after a burst of HEAD requests

Summary There's some tools that use Directus to sync content and assets. Some of those tools use HEAD method, like Shopify, to check the existence of files. Although, when making many HEAD requests at once, at some point, all assets are being served as 403. Details When I was investigating this...

5.3CVSS7AI score0.00208EPSS
Exploits1References3Affected Software2
Github Security Blog
Github Security Blogadded 2025/03/26 5:19 p.m.32 views

Directus's S3 assets become unavailable after a burst of malformed transformations

Summary When making many malformed transformation requests at once, at some point, all assets are being served as 403. Details When I was investigating this issue, I have found that after a burst of malformed asset transformation requests, the amount of sockets held on Agent on NodeHttpHandler wa...

5.3CVSS7.1AI score0.00271EPSS
Exploits1References3Affected Software2
OSV
OSVadded 2025/03/26 5:19 p.m.7 views

GHSA-J8XJ-7JFF-46MX Directus's S3 assets become unavailable after a burst of malformed transformations

Summary When making many malformed transformation requests at once, at some point, all assets are being served as 403. Details When I was investigating this issue, I have found that after a burst of malformed asset transformation requests, the amount of sockets held on Agent on NodeHttpHandler wa...

5.3CVSS6.8AI score0.00271EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2025/03/26 4:27 p.m.10 views

CVE-2025-30225 Directus's S3 assets become unavailable after a burst of malformed transformations

Directus is a real-time API and App dashboard for managing SQL database content. The @directus/storage-driver-s3 package starting in version 9.22.0 and prior to version 12.0.1, corresponding to Directus starting in version 9.22.0 and prior to 11.5.0, is vulnerable to asset unavailability after a...

5.3CVSS7.6AI score0.00271EPSS
Exploits1References1
Rows per page
Query Builder