Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

23 matches found

RedhatCVE
RedhatCVEadded 2025/05/23 3:42 a.m.6 views

CVE-2023-30349

JFinal CMS v5.1.0 was discovered to contain a remote code execution RCE vulnerability via the ActionEnter function...

9.8CVSS8.2AI score0.04131EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 10:49 p.m.5 views

CVE-2022-30349

siteserver SSCMS 6.15.51 is vulnerable to Cross Site Scripting XSS...

6.1CVSS6.4AI score0.00223EPSS
Exploits1References1
Tenable Nessus
Tenable Nessusadded 2025/04/03 12:0 a.m.7 views

Debian dla-4113 : php-horde-imp - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4113 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4113-1 [email protected] https://www.debian.org/lts/security/...

7.2CVSS5.4AI score0.49812EPSS
Exploits0References4
Circl
Circladded 2025/03/21 5:19 p.m.9 views

CVE-2025-30349

creationtimestamp| type| source ---|---|--- 2025-03-21 17:19:13+00:00| exploited| https://t.me/DarkWebInformerCVEAlerts/8376 2025-03-21 20:09:28+00:00| exploited| https://t.me/cvedetector/20828 2025-03-22 21:01:54+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lkymr5yh3g2f...

7.2CVSS4.8AI score0.49812EPSS
Exploits0References4
OSV
OSVadded 2025/03/21 5:15 p.m.10 views

CVE-2025-30349

Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute that may use base64-encoded JavaScript code, as exploited in the wild in March 2025...

7.2CVSS6AI score0.49812EPSS
Exploits0References14
NVD
NVDadded 2025/03/21 5:15 p.m.13 views

CVE-2025-30349

Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute that may use base64-encoded JavaScript code, as exploited in the wild in March 2025...

7.2CVSS0.49812EPSS
Exploits0References14
UbuntuCve
UbuntuCveadded 2025/03/21 5:15 p.m.9 views

CVE-2025-30349

Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute that may use base64-encoded JavaScript code, as exploited in the wild in March 2025...

7.2CVSS5.8AI score0.49812EPSS
Exploits0References4
CVE
CVEadded 2025/03/21 12:0 a.m.93 views

CVE-2025-30349

CVE-2025-30349 affects Horde IMP (webmail) up to version 6.2.27 used with Horde Application Framework up to 5.2.23. The issue is an XSS via a crafted text/html email containing an onerror attribute (potentially base64-encoded JavaScript), leading to account takeover. Exploitation was observed in ...

7.2CVSS6.6AI score0.49812EPSS
Exploits0References14
Vulnrichment
Vulnrichmentadded 2025/03/21 12:0 a.m.12 views

CVE-2025-30349

Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute that may use base64-encoded JavaScript code, as exploited in the wild in March 2025...

7.2CVSS6.6AI score0.49812EPSS
Exploits0References13
Debian CVE
Debian CVEadded 2025/03/21 12:0 a.m.14 views

CVE-2025-30349

Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute that may use base64-encoded JavaScript code, as exploited in the wild in March 2025...

7.2CVSS5.1AI score0.49812EPSS
Exploits0
Cvelist
Cvelistadded 2025/03/21 12:0 a.m.239 views

CVE-2025-30349

Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute that may use base64-encoded JavaScript code, as exploited in the wild in March 2025...

7.2CVSS0.49812EPSS
Exploits0References13
CVE
CVEadded 2024/04/02 8:14 p.m.64 views

CVE-2024-30349

CVE-2024-30349 describes a remote code execution in Foxit PDF Reader via U3D file parsing. The flaw arises from inadequate validation of user-supplied data during U3D parsing, causing an out-of-bounds write that can execute code in the target process. Exploitation requires user interaction (visit...

7.8CVSS8.3AI score0.01623EPSS
Exploits0References2Affected Software2
NVD
NVDadded 2023/04/28 2:15 p.m.13 views

CVE-2023-30183

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-30349. Reason: This record is a reservation duplicate of CVE-2023-30349. Notes: All CVE users should reference CVE-2023-30349 instead of this record. All references and descriptions in this record have been removed to prevent...

9.5AI score
Exploits0
ATTACKERKB
ATTACKERKBadded 2023/04/28 2:15 p.m.0 views

CVE-2023-30183

DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-30349. Reason: This record is a reservation duplicate of CVE-2023-30349. Notes: All CVE users should reference CVE-2023-30349 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage...

9.8CVSS7.1AI score0.04131EPSS
Exploits1References2
Circl
Circladded 2023/04/27 6:40 p.m.2 views

CVE-2023-30349

creationtimestamp| type| source ---|---|--- 2023-04-27 18:40:11+00:00| seen| https://t.me/cibsecurity/62984...

9.8CVSS8.7AI score0.04131EPSS
Exploits1References1
OSV
OSVadded 2023/04/27 2:15 p.m.12 views

CVE-2023-30349

JFinal CMS v5.1.0 was discovered to contain a remote code execution RCE vulnerability via the ActionEnter function...

9.8CVSS8.6AI score
Exploits0References1
Vulnrichment
Vulnrichmentadded 2023/04/27 12:0 a.m.6 views

CVE-2023-30349

JFinal CMS v5.1.0 was discovered to contain a remote code execution RCE vulnerability via the ActionEnter function...

9.9AI score0.04131EPSS
Exploits1References1
Cvelist
Cvelistadded 2023/04/27 12:0 a.m.24 views

CVE-2023-30349

JFinal CMS v5.1.0 was discovered to contain a remote code execution RCE vulnerability via the ActionEnter function...

10AI score0.04131EPSS
Exploits1References1
CVE
CVEadded 2023/04/27 12:0 a.m.49 views

CVE-2023-30349

CVE-2023-30349 affects JFinal CMS v5.1.0; confirmed remote code execution via the ActionEnter function. The vulnerability is described as a high-severity (CVSS v3.1: 9.8) network‑based issue with no authentication required and no user interaction. The provided documents do not specify a fixed ver...

9.8CVSS9.8AI score0.04131EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2022/06/14 10:11 a.m.74 views

CVE-2021-30349

CVE-2021-30349 describes an improper access control sequence in Qualcomm/ Snapdragon firmware where after memory allocation the AC database can be accessed out of intended order, potentially causing memory corruption in multiple Snapdragon products (Auto, Compute, Connectivity, Consumer IOT, Indu...

8.2CVSS6.8AI score0.00035EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder