Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CVE
CVEadded 2025/12/11 12:58 a.m.7 views

CVE-2025-67718

Form.io exposes a path-handling vulnerability that can let unauthenticated/unauthorized requests access protected API endpoints by sending crafted request paths. Affected versions: 3.5.6 and earlier, and 4.0.0-rc.1 through 4.4.2. Impact is data exposure from endpoints that should be protected. Fi...

8.7CVSS6.3AI score0.00066EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2024-1586

Malicious code in bioql PyPI...

9.1CVSS6.4AI score0.00188EPSS
Exploits0References4
CNNVD
CNNVDadded 2025/03/31 12:0 a.m.0 views

AWS SAM CLI 安全漏洞

AWS SAM CLI is an Amazon Web Services open source CLI tool for building, testing, debugging and deploying serverless applications using AWS SAM. A security vulnerability exists in AWS SAM CLI that stems from a symbolic link that could lead to access to host privileged files...

6.9CVSS6.3AI score0.00121EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/02/05 7:2 a.m.1 views

CVE-2024-32980

Spin is the developer tool for building and running serverless applications powered by WebAssembly. Prior to 2.4.3, some specifically configured Spin applications that use self requests without a specified URL authority can be induced to make requests to arbitrary hosts via the Host HTTP header...

9.1CVSS9.2AI score0.00188EPSS
Exploits0References1
OSV
OSVadded 2024/05/08 2:32 p.m.15 views

CVE-2024-32980 Spin contains a potential network sandbox escape for specifically configured Spin applications

Spin is the developer tool for building and running serverless applications powered by WebAssembly. Prior to 2.4.3, some specifically configured Spin applications that use self requests without a specified URL authority can be induced to make requests to arbitrary hosts via the Host HTTP header...

9.1CVSS6.8AI score0.00188EPSS
Exploits0References4
CNNVD
CNNVDadded 2022/06/02 12:0 a.m.1 views

Form.io 注入漏洞

Form.io is a combined forms and API platform for serverless applications from US-based Form.io. An injection vulnerability exists in Form.io version 2.0.0, which can be exploited by an attacker to execute remote code...

9.8CVSS8.5AI score0.03455EPSS
Exploits0References3
CNVD
CNVDadded 2022/01/19 12:0 a.m.18 views

Object Computing micronaut resource management error vulnerability

Object Computing micronaut is a JVM-based full-stack framework from US-based Object Computing, which is primarily used to build modular microservices and serverless applications.A resource management error vulnerability exists in Object Computing Micronaut, which stems from the fact that in the...

5.3CVSS2.6AI score0.00322EPSS
Exploits0References1
Trend Micro Simply Security
Trend Micro Simply Securityadded 2021/07/08 12:0 a.m.13 views

Security for AWS Lambda Serverless Applications

Serverless computing is another beautiful cloud-based advancement for developers. But, like all applications, proper security is required to maximize the benefits. Learn more in this article...

4.2AI score
Exploits0
Rows per page
Query Builder