Lucene search
+L

2316 matches found

cnnvd
cnnvd
added 2026/02/16 12:0 a.m.11 views

Mozilla Firefox for iOS 安全漏洞

Mozilla Firefox for iOS is a web browser designed for iOS devices by the US-based Mozilla Foundation. A security vulnerability exists in Mozilla Firefox for iOS, which can be exploited by an attacker to cause the address bar and page content to be out of sync, allowing the attacker to forge...

4.3CVSS5.9AI score0.0015EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/02/15 7:10 a.m.10 views

CVE-2026-1795

The Address Bar Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL Path in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

6.1CVSS5.8AI score0.00266EPSS
Exploits0References1
nvd
nvd
added 2026/02/14 7:16 a.m.9 views

CVE-2026-1795

The Address Bar Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL Path in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

6.1CVSS0.00266EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/02/14 6:42 a.m.2 views

CVE-2026-1795

The Address Bar Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL Path in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

6.1CVSS5.7AI score0.00266EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/02/14 6:42 a.m.4 views

CVE-2026-1795 Address Bar Ads <= 1.0.0 - Reflected Cross-Site Scripting

The Address Bar Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL Path in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

6.1CVSS5.8AI score0.00266EPSS
Exploits0References3
cvelist
cvelist
added 2026/02/14 6:42 a.m.37 views

CVE-2026-1795 Address Bar Ads <= 1.0.0 - Reflected Cross-Site Scripting

The Address Bar Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL Path in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

6.1CVSS0.00266EPSS
Exploits0References3
cve
cve
added 2026/02/14 6:42 a.m.25 views

CVE-2026-1795

The CVE-2026-1795 entry concerns the WordPress plugin Address Bar Ads (≤ 1.0.0). The root cause is insufficient input sanitization and output escaping in the URL Path, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. Affected: Address Bar Ads plugin for WordPress (all versions up to...

6.1CVSS5.8AI score0.00266EPSS
Exploits0References3
cnnvd
cnnvd
added 2026/02/14 12:0 a.m.9 views

WordPress plugin Address Bar Ads 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.1CVSS5.7AI score0.00266EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/02/14 12:0 a.m.11 views

PT-2026-8076

The Address Bar Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL Path in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

6.1CVSS5.8AI score0.00266EPSS
Exploits0References4
nessus
nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : firefox-115.4.0-1.el9.ML.1 (AXSA:2023-6565:41)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6565:41 advisory. Mozilla: Queued up rendering could have allowed websites to clickjack CVE-2023-5721 Mozilla: Memory safety bugs fixed in Firefox 119, Firefox ESR...

9.8CVSS8.7AI score0.01936EPSS
Exploits0References8
nessus
nessus
added 2026/01/20 12:0 a.m.2 views

MiracleLinux 9 : firefox-102.11.0-2.el9.ML.1 (AXSA:2023-6024:19)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6024:19 advisory. Mozilla: Browser prompts could have been obscured by popups CVE-2023-32205 Mozilla: Crash in RLBox Expat driver CVE-2023-32206 Mozilla: Potential...

8.8CVSS8.7AI score0.00753EPSS
Exploits0References8
nessus
nessus
added 2026/01/20 12:0 a.m.9 views

MiracleLinux 8 : thunderbird-102.11.0-1.el8.ML.1 (AXSA:2023-6153:18)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6153:18 advisory. Mozilla: Browser prompts could have been obscured by popups CVE-2023-32205 Mozilla: Crash in RLBox Expat driver CVE-2023-32206 Mozilla: Potential...

8.8CVSS8.7AI score0.00753EPSS
Exploits0References8
nessus
nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 9 : webkit2gtk3-2.46.1-2.el9_4 (AXSA:2024-8945:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8945:04 advisory. webkitgtk: webkit2gtk: Use after free may lead to Remote Code Execution CVE-2024-40776 webkitgtk: webkit2gtk: Processing maliciously crafted web...

9.8CVSS9.3AI score0.01157EPSS
Exploits0References12
nessus
nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : webkit2gtk3-2.46.3-1.el9 (AXSA:2024-9303:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9303:07 advisory. webkitgtk: Visiting a malicious website may lead to address bar spoofing CVE-2024-40866 webkitgtk: A malicious website may exfiltrate data...

6.5CVSS8.5AI score0.0095EPSS
Exploits0References6
nessus
nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 7 : firefox-102.11.0-2.0.1.el7.AXS7 (AXSA:2023-5464:18)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5464:18 advisory. Mozilla: Browser prompts could have been obscured by popups CVE-2023-32205 Mozilla: Crash in RLBox Expat driver CVE-2023-32206 Mozilla: Potential...

8.8CVSS8.7AI score0.00753EPSS
Exploits0References8
redhatcve
redhatcve
added 2026/01/09 11:28 a.m.9 views

CVE-2021-33594

An address bar spoofing vulnerability was discovered in Safe Browser for Android. When user clicks on a specially crafted a malicious URL, it appears like a legitimate one on the address bar, while the content comes from other domain and presented in a window, covering the original content. A...

3.5CVSS6.9AI score0.01075EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 11:27 a.m.11 views

CVE-2021-33595

A address bar spoofing vulnerability was discovered in Safe Browser for iOS. Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. A remote attacker can leverage this to perform address...

3.5CVSS6.9AI score0.01075EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 11:26 a.m.8 views

CVE-2021-33593

Whale browser for iOS before 1.14.0 has an inconsistent user interface issue that allows an attacker to obfuscate the address bar which may lead to address bar spoofing...

5.3CVSS6.6AI score0.00685EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 10:10 a.m.13 views

CVE-2019-11699

A malicious page can briefly cause the wrong name to be highlighted as the domain name in the addressbar during page navigations. This could result in user confusion of which site is currently loaded for spoofing attacks. This vulnerability affects Firefox 67...

6.5CVSS5.9AI score0.00846EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 10:9 a.m.9 views

CVE-2019-11695

A custom cursor defined by scripting on a site can position itself over the addressbar to spoof the actual cursor when it should not be allowed outside of the primary web content area. This could be used by a malicious site to trick users into clicking on permission prompts, doorhanger...

4.3CVSS5.5AI score0.00737EPSS
Exploits1References1
Rows per page
Query Builder