Lucene search

7 matches found

Cvelist
added 2024/11/12 4:38 p.m., 15 views

CVE-2024-50336 matrix-js-sdk has insufficient MXC URI validation which allows client-side path traversal

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. matrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients based on the matrix-js-sdk to issue arbitrary authenticated GET requests to the...

CVSS: 5.3, EPSS: 0.00877, Exploits: 0, References: 2
CNNVD
added 2024/01/12 12:0 a.m., 2 views

Zoom Client Security Vulnerability

Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A security vulnerability exists in Zoom Client versions prior to 5.16.10 that stems from improper access control, resulting in an elevation of privilege vulnerability. Affected products and...

CVSS: 8.8, AI score: 7, EPSS: 0.00029, Exploits: 0, References: 2
The Hacker News
added 2022/12/19 6:5 p.m., 18 views

Researchers Discover Malicious PyPI Package Posing as SentinelOne SDK to Steal Data

Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that impersonates a software development kit (SDK) for SentinelOne, a major cybersecurity company, as part of a campaign dubbed SentinelSneak. The package, named SentinelOne and now taken...

AI score: 0.3, Exploits: 0
Circl
added 2022/07/13 2:25 a.m., 4 views

CVE-2022-30187

creationtimestamp | type | source
--- | --- | ---
2022-07-13 02:25:48+00:00 | seen | https://t.me/cibsecurity/46123
2022-07-18 05:00:00+00:00 | seen | https://msrc.microsoft.com/blog/2022/07/mitigation-for-azure-storage-sdk-client-side-encryption-padding-oracle-vulnerability/...

CVSS: 4.7, AI score: 5.6, EPSS: 0.00268, Exploits: 0, References: 2
OSSF Malicious Packages
added 2022/06/20 8:19 p.m., 2 views

Malicious code in sdk-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f54c1d86b5b606384bb94d0e6720103aa0542360a6843c8220b24370cad88c1a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 6.9, Exploits: 0, References: 1
OSV
added 2022/06/20 8:19 p.m., 4 views

MAL-2022-5976 Malicious code in sdk-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f54c1d86b5b606384bb94d0e6720103aa0542360a6843c8220b24370cad88c1a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 7, Exploits: 0, References: 1
NVD
added 2016/07/21 10:13 a.m., 12 views

CVE-2016-3532

Unspecified vulnerability in the Oracle Advanced Inbound Telephony component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to SDK client integration. NOTE: the previous information is from the July 2016 CP...

CVSS: 8.2, AI score: 6.7, EPSS: 0.00907, Exploits: 0, References: 5