CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-2803

Malicious code in bioql PyPI...

CNNVD•added 2025/09/08 12:0 a.m.•2 views

Apache Jackrabbit Core和Apache Jackrabbit JCR Commons 安全漏洞

Apache Jackrabbit Core and Apache Jackrabbit JCR Commons are both products of the Apache Foundation.Apache Jackrabbit Core is a content repository core.Apache Jackrabbit JCR Commons is a general-purpose tool library. A security vulnerability exists in Apache Jackrabbit Core versions 1.0.0 through...

6.5CVSS7AI score0.00579EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 2:38 a.m.•2 views

CVE-2023-23608

Spotipy is a light weight Python library for the Spotify Web API. In versions prior to 2.22.1, if a malicious URI is passed to the library, the library can be tricked into performing an operation on a different API endpoint than intended. The code Spotipy uses to parse URIs and URLs allows an...

4.3CVSS4.9AI score0.00196EPSS

Exploits1References1

CNNVD•added 2024/05/18 12:0 a.m.•1 views

Nix 安全漏洞

Nix is a powerful package manager from the Nix open source. It is used for making packages. A security vulnerability exists in Nix 2.22.1 and earlier versions that stems from mishandling certain uses of the hash cache, making it easier for an attacker to replace current source code with...

4.3CVSS6.6AI score0.00136EPSS

NVD•added 2023/10/25 6:17 p.m.•13 views

CVE-2023-46125

Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. The Fides webserver API allows users to retrieve its configuration using the GET api/v1/config endpoint. The...

6.5CVSS6.3AI score0.00179EPSS

NVD•added 2023/10/25 6:17 p.m.•14 views

CVE-2023-46124

Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in runtime environments, and the enforcement of privacy regulations in code. The Fides web application allows a custom integration to be uploaded as a ZIP file containing configuration and...

8.2CVSS8.2AI score0.00107EPSS

Prion•added 2023/10/25 6:17 p.m.•17 views

Information disclosure

4CVSS6.3AI score0.00179EPSS

Exploits0References3Affected Software1

CNNVD•added 2023/10/25 12:0 a.m.•3 views

Fides Security Vulnerabilities

Fides is an open source privacy engineering platform for managing the implementation of data privacy requests in the runtime environment and the enforcement of privacy regulations in code. A security vulnerability exists in versions of Fides prior to 2.22.1, which stems from an API that allows...

Vulnrichment•added 2023/10/24 10:51 p.m.•13 views

Exploits0References4

CVE-2023-46124 Server-Side Request Forgery Vulnerability in Custom Integration Upload

8.2CVSS6.9AI score0.00107EPSS

OSV•added 2023/10/24 10:42 p.m.•11 views

CVE-2023-46125 Fides Information Disclosure Vulnerability in Config API Endpoint

6.5CVSS6.2AI score0.00179EPSS

Cvelist•added 2023/10/24 10:42 p.m.•18 views

CVE-2023-46125 Fides Information Disclosure Vulnerability in Config API Endpoint

Vulnrichment•added 2023/10/24 10:42 p.m.•12 views

CVE-2023-46125 Fides Information Disclosure Vulnerability in Config API Endpoint

6.5CVSS6.3AI score0.00179EPSS

Vulnrichment•added 2023/10/24 9:59 p.m.•11 views

CVE-2023-46126 Fides JavaScript Injection Vulnerability in Privacy Center URL

Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in runtime environments, helping enforce privacy regulations in code. The Fides web application allows users to edit consent and privacy notices such as cookie banners. The vulnerability mak...

3.9CVSS6.7AI score0.00156EPSS

Cvelist•added 2023/10/24 9:59 p.m.•10 views

CVE-2023-46126 Fides JavaScript Injection Vulnerability in Privacy Center URL

3.9CVSS5.7AI score0.00156EPSS

OSV•added 2023/10/24 9:59 p.m.•18 views

CVE-2023-46126 Fides JavaScript Injection Vulnerability in Privacy Center URL

3.9CVSS5.3AI score0.00156EPSS

CVE•added 2023/10/24 9:59 p.m.•65 views

CVE-2023-46126

CVE-2023-46126 affects Fides: a JavaScript injection risk in the privacy policy URL editable by Admin UI users with contributor+ permissions. The flaw allows crafting a payload in the privacy policy URL that executes JavaScript when the privacy notice is served by an integrated website; the execu...

5.4CVSS4.8AI score0.00156EPSS

Exploits0References3Affected Software1

Github Security Blog•added 2023/10/24 2:45 a.m.•25 views

Fides JavaScript Injection Vulnerability in Privacy Center URL

Impact The Fides web application allows users to edit consent and privacy notices such as cookie banners. These privacy notices can then be served by other integrated websites, for example in cookie consent banners. One of the editable fields is a privacy policy URL and this input was found to no...

5.4CVSS6.8AI score0.00156EPSS

Exploits0References5Affected Software1

OSV•added 2023/10/24 2:21 a.m.•28 views

GHSA-RJXG-RPG3-9R89 Fides Information Disclosure Vulnerability in Config API Endpoint

Impact The Fides webserver API allows users to retrieve its configuration using the GET api/v1/config endpoint. The configuration data is filtered to suppress most sensitive configuration information before it is returned to the user, but even the filtered data contains information about the...

6.5CVSS6.3AI score0.00179EPSS

Github Security Blog•added 2023/10/24 2:21 a.m.•24 views

Fides Information Disclosure Vulnerability in Config API Endpoint