
7 matches found

CNNVD
added 2025/11/25 12:0 a.m. | 2 views

New API code issue vulnerability

New API is a QuantumNous open source interface software. A code issue vulnerability exists in versions of New API prior to 0.9.6 that stems from an incomplete SSRF fix and a 302 redirect to bypass security restrictions...

CVSS 8.5 | AI score 6.6 | EPSS 0.00014
Exploits: 0 | References: 2
Tenable Nessus
added 2025/08/05 12:0 a.m. | 7 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : apache2 (SUSE-SU-2025:02684-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02684-1 advisory. - CVE-2024-42516: Fixed HTTP response splitting. bsc1246477 - CVE-2024-43204: Fixed a SSRF when...

CVSS 9.1 | AI score 7.1 | EPSS 0.04674
Exploits: 2 | References: 22
Prion
added 2023/12/29 12:15 p.m. | 16 views

Design/Logic Flaw

The V8 inspector intentionally allows arbitrary code execution within the Workers sandbox for debugging. wrangler dev would previously start an inspector server listening on all network interfaces. This would allow an attacker on the local network to connect to the inspector and run arbitrary cod...

CVSS 5.4 | AI score 8.2 | EPSS 0.00072
Exploits: 0 | References: 5 | Affected Software: 1
Cvelist
added 2023/12/22 5:0 p.m. | 13 views

CVE-2023-50259 Blind SSRF in /home/testslack endpoint

Medusa is an automatic video library manager for TV shows. Versions prior to 1.0.19 are vulnerable to unauthenticated blind server-side request forgery (SSRF). The testslack request handler in medusa/server/web/home/handler.py does not validate the user-controlled slackwebhook variable and passes i...

CVSS 5.3 | AI score 5.7 | EPSS 0.00405
Exploits: 1 | References: 5
OSV
added 2022/09/12 7:7 a.m. | 7 views

SUSE-SU-2022:3251-1 Security update for nodejs16

This update for nodejs16 fixes the following issues: - CVE-2022-35949: Fixed SSRF when an application takes in user input into the path/pathname option of undici.request bsc1202382. - CVE-2022-35948: Fixed CRLF injection via Content-Type bsc1202383. - CVE-2022-29244: Fixed npm pack ignores...

CVSS 9.8 | AI score 6.8 | EPSS 0.0085
Exploits: 3 | References: 10
OSV
added 2022/09/08 8:35 a.m. | 7 views

SUSE-SU-2022:3196-1 Security update for nodejs16

This update for nodejs16 fixes the following issues: - CVE-2022-35949: Fixed SSRF when an application takes in user input into the path/pathname option of undici.request bsc1202382. - CVE-2022-35948: Fixed CRLF injection via Content-Type bsc1202383. - CVE-2022-29244: Fixed npm pack ignores...

CVSS 9.8 | AI score 6.8 | EPSS 0.0085
Exploits: 3 | References: 10
RedHat Linux
added 2021/10/07 1:35 p.m. | 78 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP9 security update

Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 9 zip release for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows is available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

CVSS 9 | AI score 6.9 | EPSS 0.94432
Exploits: 5 | References: 2