Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

RedhatCVE
RedhatCVEadded 2025/05/23 9:55 a.m.3 views

CVE-2024-28423

Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafeload function at cli.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted YML file...

9.8CVSS8.2AI score0.00115EPSS
Exploits0References1
PyPA
PyPAadded 2021/02/15 4:15 p.m.5 views

PYSEC-2021-86

This affects all versions of package qlib. The workflow function in cli part of qlib was using an unsafe YAML load function...

7.2CVSS7AI score0.02852EPSS
Exploits1References2Affected Software1
Veracode
Veracodeadded 2019/04/16 2:32 a.m.7 views

Arbitrary Code Execution

js-yaml is vulnerable to arbitrary code execution. The vulnerability exists through the usage of unsafe load function, which allows attackers to inject arbitrary code via a malicious YAML file using objects that have toString as key, JavaScript code as value and are used as explicit mapping keys...

7.2AI score
Exploits0
Rows per page
Query Builder