
797 matches found

OSV
added 2019/12/10 10:15 p.m., 0 views

DEBIAN-CVE-2019-13737

Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

6.5 CVSS, 7.1 AI score, 0.02568 EPSS
Exploits: 0, References: 1

UbuntuCve
added 2019/12/10 10:15 p.m., 18 views

CVE-2019-13737

Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

6.5 CVSS, 7 AI score, 0.02568 EPSS
Exploits: 0, References: 3

OSV
added 2019/12/10 10:15 p.m., 1 view

UBUNTU-CVE-2019-13737

Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

6.5 CVSS, 7.2 AI score, 0.02568 EPSS
Exploits: 0, References: 4

Debian CVE
added 2019/12/10 9:1 p.m., 23 views

CVE-2019-13737

Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

6.5 CVSS, 7.1 AI score, 0.02568 EPSS
Exploits: 0

NVD
added 2019/11/26 5:15 p.m., 12 views

CVE-2019-18449

An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the autocomplete feature. It has Insecure Permissions issue 2 of 2...

4.3 CVSS, 4.3 AI score, 0.00071 EPSS
Exploits: 0, References: 2

OSV
added 2019/11/26 5:15 p.m., 16 views

CVE-2019-18449

An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the autocomplete feature. It has Insecure Permissions issue 2 of 2...

4.3 CVSS, 6.5 AI score
Exploits: 0, References: 2

UbuntuCve
added 2019/11/26 5:15 p.m., 17 views

CVE-2019-18449

An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the autocomplete feature. It has Insecure Permissions issue 2 of 2...

4.3 CVSS, 5.9 AI score, 0.00071 EPSS
Exploits: 0, References: 2

Prion
added 2019/11/26 5:15 p.m., 14 views

Design/Logic Flaw

An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the autocomplete feature. It has Insecure Permissions issue 2 of 2...

4 CVSS, 4.7 AI score, 0.00071 EPSS
Exploits: 0, References: 2, Affected Software: 1

OSV
added 2019/11/26 5:15 p.m., 0 views

UBUNTU-CVE-2019-18449

An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the autocomplete feature. It has Insecure Permissions issue 2 of 2...

4.3 CVSS, 5.8 AI score, 0.00071 EPSS
Exploits: 0, References: 3

Debian CVE
added 2019/11/26 4:47 p.m., 20 views

CVE-2019-18449

Removed by vendor...

4.3 CVSS, 5.8 AI score, 0.00071 EPSS
Exploits: 0

Cvelist
added 2019/11/26 4:47 p.m., 14 views

CVE-2019-18449

An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the autocomplete feature. It has Insecure Permissions issue 2 of 2...

5.4 AI score, 0.00071 EPSS
Exploits: 0, References: 2

CVE
added 2019/11/26 4:47 p.m., 61 views

CVE-2019-18449

CVE-2019-18449 affects GitLab Community and Enterprise Edition prior to 12.4, where the autocomplete feature exposes Insecure Permissions (issue 2 of 2). The available connected sources corroborate that the issue is tied to the autocomplete function and insecure permissions. Public notices refere...

4.3 CVSS, 4.6 AI score, 0.00071 EPSS
Exploits: 0, References: 2, Affected Software: 1

RedhatCVE
added 2019/10/10 5:1 a.m., 33 views

CVE-2017-12175

Red Hat Satellite before 6.5 is vulnerable to a XSS in discovery rule when you are entering filter and you use autocomplete functionality...

5.4 CVSS, 5.9 AI score, 0.00473 EPSS
Exploits: 1, References: 1

CNVD
added 2019/09/29 12:0 a.m., 2 views

Unspecified Vulnerability in Teclib GLPI

Teclib GLPI is an open source IT asset management suite from the French company Teclib. The suite includes features such as device status management, asset inventory storage, management processes and work log management. A security vulnerability exists in Teclib GLPI 9.4.3 and earlier versions,...

8.8 CVSS, 6.9 AI score, 0.03011 EPSS
Exploits: 1, References: 1

OSV
added 2019/09/25 8:15 p.m., 1 view

UBUNTU-CVE-2019-14666

GLPI through 9.4.3 is prone to account takeover by abusing the ajax/autocompletion.php autocompletion feature. The lack of correct validation leads to recovery of the token generated via the password reset functionality, and thus an authenticated attacker can set an arbitrary password for any use...

8.8 CVSS, 7.2 AI score, 0.03011 EPSS
Exploits: 1, References: 3

OSV
added 2019/08/27 6:15 p.m., 14 views

CVE-2019-15701

components/Modals/HelpModal.jsx in BloodHound 2.2.0 allows remote attackers to execute arbitrary OS commands by spawning a child process as the current user on the victim's machine when the search function's autocomplete feature is used. The victim must import data from an Active Directory with a...

8.8 CVSS, 7.7 AI score
Exploits: 0, References: 1

NVD
added 2019/08/27 6:15 p.m., 8 views

CVE-2019-15701

components/Modals/HelpModal.jsx in BloodHound 2.2.0 allows remote attackers to execute arbitrary OS commands by spawning a child process as the current user on the victim's machine when the search function's autocomplete feature is used. The victim must import data from an Active Directory with a...

8.8 CVSS, 9 AI score, 0.00655 EPSS
Exploits: 1, References: 1

Cvelist
added 2019/08/27 5:25 p.m., 14 views

CVE-2019-15701

components/Modals/HelpModal.jsx in BloodHound 2.2.0 allows remote attackers to execute arbitrary OS commands by spawning a child process as the current user on the victim's machine when the search function's autocomplete feature is used. The victim must import data from an Active Directory with a...

9 AI score, 0.00655 EPSS
Exploits: 1, References: 1

OSV
added 2019/07/24 5:36 p.m., 3 views

DRUPAL-CONTRIB-2019-060

This module provides an autocomplete widget for text fields that suggests all existing previously entered values for that field. The module doesn't sufficiently check for proper access permission before returning autocomplete results. This vulnerability is mitigated by the fact that an attacker...

6.7 AI score
Exploits: 0, References: 1

Drupal
added 2019/07/24 12:0 a.m., 11 views

Existing Values Autocomplete Widget - Critical - Access bypass - SA-CONTRIB-2019-060

This module provides an autocomplete widget for text fields that suggests all existing previously entered values for that field. The module doesn't sufficiently check for proper access permission before returning autocomplete results. This vulnerability is mitigated by the fact that an attacker...

6.5 AI score
Exploits: 0, References: 6