Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

OSV
OSVadded 8 hours ago6 views

CURL-CVE-2026-9546 sending old referer

A vulnerability in libcurl caused the HTTP Referer: header to persist even when explicitly cleared. While the documentation states that passing NULL to CURLOPTREFERER suppresses the header, the option failed to clear the internal state. As a result, the previous referrer string was erroneously...

5.9AI score
Exploits0
RedhatCVE
RedhatCVEadded 2026/01/09 12:8 p.m.6 views

CVE-2018-18655

Prayer through 1.3.5 sends a Referer header, containing a user's username, when a user clicks on a link in their email because header.t lacks a no-referrer setting...

4.3CVSS6.8AI score0.0084EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2003-1551

Malware in sbrugna...

4.3CVSS6.4AI score0.00968EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2025/08/26 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2018-18655

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prayer through 1.3.5 sends a Referer header, containing a user's username, when a user clicks on a link in their email because header.t lacks a no-referrer...

4.3CVSS5AI score0.0084EPSS
Exploits0References2
SUSE CVE
SUSE CVEadded 2023/02/15 3:45 a.m.1 views

SUSE CVE-2021-22876

curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header...

6.1CVSS7.8AI score0.05301EPSS
Exploits1References122
Positive Technologies
Positive Technologiesadded 2022/12/13 12:0 a.m.4 views

PT-2022-27838 · Siemens · Scalance X204Rna +1

Name of the Vulnerable Software and Affected Versions: SCALANCE X204RNA HSR versions prior to V3.2.7 SCALANCE X204RNA PRP versions prior to V3.2.7 SCALANCE X204RNA EEC HSR versions prior to V3.2.7 SCALANCE X204RNA EEC PRP versions prior to V3.2.7 SCALANCE X204RNA EEC PRP/HSR versions prior to...

7.5CVSS7.3AI score0.00604EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2022/05/17 10:46 a.m.7 views

CVE-2022-23067

ToolJet versions v0.5.0 to v1.2.2 are vulnerable to token leakage via Referer header that leads to account takeover . If the user opens the invite link/signup link and then clicks on any external links within the page, it leaks the password set token/signup token in the referer header. Using thes...

8.8CVSS5.8AI score0.01224EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKBadded 2022/05/07 5:15 a.m.3 views

CVE-2022-30334

Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises "Note that Private Windows with Tor Connectivity in Brave are just regular private windows that us...

5.3CVSS6AI score0.02179EPSS
Exploits1References5
OSV
OSVadded 2009/09/10 9:30 p.m.7 views

CVE-2009-2797

The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote attackers to obtain sensitive information by reading Referer logs on a web server...

5.8AI score
Exploits0References13
Rows per page
Query Builder