21 matches found
Cross-site Scripting (XSS)
Overview: distributed is a Distributed scheduler for Dask. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the interaction between Jupyter Lab, jupyter-server-proxy, and the Dask dashboard. An attacker can execute arbitrary code by enticing a user to click a phishin...
PYSEC-2026-169
Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-site scripting (XSS) bug in the Dask...
UBUNTU-CVE-2026-23528
Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-site scripting (XSS) bug in the Dask...
CVE-2026-23528
Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-site scripting (XSS) bug in the Dask...
Distributed security vulnerabilities
Distributed is a distributed task scheduler developed by Dask. Versions prior to Distributed 2026.1.0 contained a security vulnerability. This vulnerability stemmed from a cross-site scripting error in the Dask dashboard, which could allow code execution through a phishing URL...
Phishing URL Detection Using Bi-LSTM
Phishing attacks threaten online users, often leading to data breaches, financial losses, and identity theft. Traditional phishing detection systems struggle with high false positive rates and are usually limited by the types of attacks they can identify. This paper proposes a deep learning-based...
A Gradient-Optimized TSK Fuzzy Framework for Explainable Phishing Detection
Phishing attacks represent an increasingly sophisticated and pervasive threat to individuals and organizations, causing significant financial losses, identity theft, and severe damage to institutional reputations. Existing phishing detection methods often struggle to simultaneously achieve high...
DarkGate Malware Activity Spikes as Developer Rents Out Malware to Affiliates
A new malspam campaign has been observed deploying an off-the-shelf malware called DarkGate. "The current spike in DarkGate malware activity is plausible given the fact that the developer of the malware has recently started to rent out the malware to a limited number of affiliates," Telekom...
Scammers send fake 'Energy Bills Support Scheme' texts
Watch out for an energy-themed scam being sent out via SMS. The message plays on energy price fears, similar to what we've seen previously. Scam alert. I just received this text. Click through and it looks very official. It's a scam. The £400 energy bill discount is automatic, you don't need to...
How Instagram scammers talk users out of their accounts
If you've dealt with a scammer, you'll know that making up stories is their bread and butter. Think about it: Just when you thought you'd heard all the infamous 419 scam backstories, scammers surprise you with a "stuck astronaut" scam, something so utterly hilarious, nonsensical, and otherworldly th...
CVE-2021-25419
Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62 allows attackers to display fake URL in address bar via phishing URL link...
MaskPhish - Give A Mask To Phishing URL
MaskPhish is a simple script to hide phishing URL under a normal looking URL (google.com or facebook.com). Legal Disclaimer: Usage of MaskPhish for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws...
Twitter Analytics Open Redirect
Twitter Analytics Open Redirect Vulnerability. Credit by Asheesh Anaconda. Description: An open redirect vulnerability exists in Twitter...
GHSA-95M6-MJH3-58GM Improper Authentication in org.keycloak:keycloak-core
It was found that the keycloak before 2.3.0 did not implement authentication flow correctly. An attacker could use this flaw to construct a phishing URL, from which he could hijack the user's session. This could lead to information disclosure, or permit further possible attacks...
Authentication flaw
It was found that the keycloak before 2.3.0 did not implement authentication flow correctly. An attacker could use this flaw to construct a phishing URL, from which he could hijack the user's session. This could lead to information disclosure, or permit further possible attacks...
CVE-2016-8609
It was found that the keycloak before 2.3.0 did not implement authentication flow correctly. An attacker could use this flaw to construct a phishing URL, from which he could hijack the user's session. This could lead to information disclosure, or permit further possible attacks...
keycloak: account hijacking via auth code fixation
It was found that the keycloak did not implement authentication flow correctly. An attacker could use this flaw to construct a phishing URL, from which he could hijack the user's session. This could lead to information disclosure, or permit further possible attacks...
Acunetix v10 - Web Application Security Testing Tool
Acunetix, the pioneer in automated web application security software, has announced the release of version 10 of its Vulnerability Scanner. New features are designed to prevent the risk of hacking for all customers; from small businesses up to large enterprises, including WordPress users, web...