Lucene search
K

489 matches found

Patchstack
Patchstack
added 2025/12/31 12:0 a.m.5 views

WordPress Feedify - Web Push Notifications plugin < 2.4.6 - Reflected XSS vulnerability

WordPress Feedify - Web Push Notifications plugin 2.4.6 - Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Feedify – Web Push Notifications versions 2.4.6...

7.1CVSS5.3AI score0.00263EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2025/12/15 12:0 a.m.7 views

WordPress plugin OneSignal – Web Push Notifications 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...

5.3CVSS6.3AI score0.003EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/10 3:13 p.m.4 views

CVE-2025-62869

Missing Authorization vulnerability in Gravitec.net - Web Push Notifications Gravitec.net - Web Push Notifications gravitec-net-web-push-notifications allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gravitec.net - Web Push Notifications: from n/a through...

4.3CVSS7AI score0.00209EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 6:30 p.m.5 views

EUVD-2025-202015

Missing Authorization vulnerability in Gravitec.net - Web Push Notifications Gravitec.net Web Push Notifications gravitec-net-web-push-notifications allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gravitec.net Web Push Notifications: from n/a through =...

6.5AI score0.00209EPSS
Exploits0References2
NVD
NVD
added 2025/12/09 4:18 p.m.6 views

CVE-2025-62869

Missing Authorization vulnerability in Gravitec.net - Web Push Notifications Gravitec.net – Web Push Notifications gravitec-net-web-push-notifications allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gravitec.net – Web Push Notifications: from n/a through...

4.3CVSS0.00209EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 2:52 p.m.9 views

CVE-2025-62869

CVE-2025-62869 affects the WordPress plugin Gravitec.net – Web Push Notifications (versions

4.3CVSS5.1AI score0.00209EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/09 2:52 p.m.2 views

CVE-2025-62869 WordPress Gravitec.net – Web Push Notifications plugin <= 2.9.17 - Broken Access Control vulnerability

Missing Authorization vulnerability in Gravitec.net - Web Push Notifications Gravitec.net – Web Push Notifications gravitec-net-web-push-notifications allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gravitec.net – Web Push Notifications: from n/a through...

4.3CVSS5.1AI score0.00209EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.6 views

PT-2025-50014

Missing Authorization vulnerability in Gravitec.net - Web Push Notifications Gravitec.net Web Push Notifications gravitec-net-web-push-notifications allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gravitec.net Web Push Notifications: from n/a through =...

7AI score0.00209EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/12/06 3:30 p.m.5 views

WordPress Gravitec.net – Web Push Notifications plugin <= 2.9.17 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Gravitec.net Web Push Notifications versions = 2.9.17...

4.3CVSS7AI score0.00209EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2025/12/03 5:0 p.m.18 views

CVE-2025-20383 Improper access control through push notifications for reports and alerts in Splunk Secure Gateway app

In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and below 3.9.10, 3.8.58, and 3.7.28 of Splunk Secure Gateway app in Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles and subscribes to mobile push notifications could receive...

4.3CVSS0.00271EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/03 5:0 p.m.3 views

CVE-2025-20383 Improper access control through push notifications for reports and alerts in Splunk Secure Gateway app

In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and below 3.9.10, 3.8.58, and 3.7.28 of Splunk Secure Gateway app in Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles and subscribes to mobile push notifications could receive...

4.3CVSS6.2AI score0.00271EPSS
Exploits0References1
CVE
CVE
added 2025/12/03 5:0 p.m.14 views

CVE-2025-20383

CVE-2025-20383 affects Splunk Enterprise (below 10.0.2 and older 9.x branches) and the Splunk Secure Gateway app (below 3.7.28/3.8.58/3.9.10) in Splunk Cloud Platform. A low-privilege user with mobile push notifications enabled can see the title and description of reports/alerts they are not auth...

4.3CVSS6.2AI score0.00271EPSS
Exploits0References1Affected Software3
Malwarebytes
Malwarebytes
added 2025/11/24 3:43 p.m.9 views

Matrix Push C2 abuses browser notifications to deliver phishing and malware

Cybercriminals are using browser push notifications to deliver malware and phishing attacks. Researchers at BlackFog described how a new command-and-control platform, called Matrix Push C2, uses browser push notifications to reach potential victims. When we warned back in 2019 that browser push...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/11/22 6:47 a.m.14 views

Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks

Bad actors are leveraging browser notifications as a vector for phishing attacks to distribute malicious links by means of a new command-and-control C2 platform called Matrix Push C2. "This browser-native, fileless framework leverages push notifications, fake alerts, and link redirects to target...

9.8CVSS8.8AI score0.99962EPSS
Exploits24
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.4 views

Microsoft Windows Push Notifications 信息泄露漏洞

Microsoft Windows Push Notifications is a push notification service from Microsoft Corporation USA. It provides a reliable way to deliver new updates. Microsoft Windows Push Notifications suffers from an information disclosure vulnerability that stems from an attacker's ability to obtain sensitiv...

5.5CVSS8.6AI score0.00436EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-14343

Malware in sbrugna...

7.8CVSS7.7AI score0.00787EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-24805

Malware in sbrugna...

6.1CVSS6.3AI score0.00895EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-4989

Malware in sbrugna...

4.3CVSS6.3AI score0.01332EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-57913

Malicious code in bioql PyPI...

5.4CVSS6.5AI score0.00426EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-33040

Malicious code in bioql PyPI...

8.1CVSS6.6AI score0.00573EPSS
Exploits0References2
Rows per page
Query Builder