Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-30887

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.0006EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2025/09/23 9:18 a.m.2 views

CVE-2025-9342

Authorization Bypass Through User-Controlled Key vulnerability in Anadolu Hayat Emeklilik Inc. AHE Mobile allows Privilege Abuse. This issue affects AHE Mobile: from 1.9.7 before 1.9.9...

6.5CVSS5.4AI score0.0006EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVEadded 2023/02/15 5:58 a.m.4 views

SUSE CVE-2010-2228

Cross-site scripting XSS vulnerability in the MNET access-control interface in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to inject arbitrary web script or HTML via vectors involving extended characters in a username...

4.3CVSS6AI score0.0061EPSS
Exploits0References4
OSV
OSVadded 2022/11/28 2:15 p.m.2 views

CVE-2022-3822

The Donations via PayPal WordPress plugin before 1.9.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.00304EPSS
Exploits2References1
OSV
OSVadded 2019/07/05 2:15 p.m.0 views

CVE-2019-5980

Cross-site request forgery CSRF vulnerability in Related YouTube Videos versions prior to 1.9.9 allows remote attackers to hijack the authentication of administrators via unspecified vectors...

8.8CVSS6.5AI score
Exploits0References3
CNVD
CNVDadded 2019/06/17 12:0 a.m.1 views

WordPress Related YouTube Videos Plugin Cross-Site Request Forgery Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Related YouTube Videos plugin is a plugin used to embed YouTube videos in pages. A cross-site request forgery vulnerability exists in...

8.8CVSS6.7AI score0.00129EPSS
Exploits0References1
OSV
OSVadded 2017/12/27 5:8 p.m.1 views

DEBIAN-CVE-2017-17845

An issue was discovered in Enigmail before 1.9.9. Improper Random Secret Generation occurs because Math.Random is used by pretty Easy privacy pEp, aka TBE-01-001...

7.3CVSS6.9AI score0.00508EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2017/12/27 5:8 p.m.4 views

CVE-2017-17846

An issue was discovered in Enigmail before 1.9.9. Regular expressions are exploitable for Denial of Service, because of attempts to match arbitrarily long strings, aka TBE-01-003...

7.5CVSS5.5AI score0.00782EPSS
Exploits0References7
CNVD
CNVDadded 2017/12/25 12:0 a.m.2 views

Enigmail Information Disclosure Vulnerability (CNVD-2018-00135)

Enigmail is a data encryption and decryption extension for Mozilla Thunderbird and SeaMonkey web packages that provides OpenPGP's email public key encryption and signing capabilities. An information disclosure vulnerability exists in versions of Enigmail prior to 1.9.9. An attacker can exploit th...

7.5CVSS6.1AI score0.00508EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2009/12/30 12:0 a.m.2 views

PT-2009-6604 · Mysql Server +2 · Mysql Server +2

Name of the Vulnerable Software and Affected Versions: yaSSL versions prior to 1.9.9 MySQL versions prior to 5.0.90 MySQL versions prior to 5.1.43 MySQL versions 5.5.x through 5.5.0-m2 Description: The issue allows remote attackers to execute arbitrary code or cause a denial of service by...

7.5CVSS7.5AI score0.75816EPSS
Exploits4References41
Rows per page
Query Builder