Lucene search
K

2716 matches found

Nuclei
Nuclei
added 11 hours ago52 views

Gradio - Open Redirect

An open redirect vulnerability exists in the gradio-app/gradio, affecting the latest version. The vulnerability allows an attacker to redirect users to arbitrary websites, which can be exploited for phishing attacks, Cross-site Scripting XSS, Server-Side Request Forgery SSRF, amongst others. This...

6.1CVSS6.2AI score0.01021EPSS
Exploits1References1
Nuclei
Nuclei
added 11 hours ago86 views

Stable Diffusion Webui 1.10.0 - Open Redirect

An open redirect vulnerability exists in Stable-Diffusion-Webui 1.10.0, where the file parameter in the /file= endpoint can be manipulated to redirect users to malicious websites. This could facilitate phishing attacks by tricking users into visiting attacker-controlled URLs. id: CVE-2024-11044...

6.1CVSS6.4AI score0.00816EPSS
Exploits1References1
Nuclei
Nuclei
added 11 hours ago13 views

GPT Academic v1.3.9 - Open Redirect

An open redirect vulnerability exists in GPT Academic v1.3.9, where the file parameter in the /file= endpoint can be manipulated to redirect users to malicious websites. This could facilitate phishing attacks by tricking users into visiting attacker-controlled URLs. id: CVE-2024-10812 info: name:...

6.1CVSS6.4AI score0.00569EPSS
Exploits1References1
Nuclei
Nuclei
added 11 hours ago36 views

EpiServer Find <13.2.7 - Open Redirect

EpiServer Find before 13.2.7 contains an open redirect vulnerability via the tredirect parameter in a crafted URL, such as a /findv2/click URL. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id:...

6.1CVSS6.3AI score0.0474EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday67 views

Telaen => v1.3.1 - Open Redirect

Open Redirection Vulnerability in the redir.php script in Telaen before 1.3.1 allows remote attackers to redirect victims to arbitrary websites via a crafted URL. id: CVE-2013-2621 info: name: Telaen = v1.3.1 - Open Redirect author: ctflearner severity: medium description: | Open Redirection...

6.1CVSS6.6AI score0.10692EPSS
Exploits4References3
Nuclei
Nuclei
added yesterday37 views

UC Gateway Investment SiteEngine v5.0 - Open Redirect

Open redirect vulnerability in api.php in SiteEngine 5.x allows user-assisted remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the forward parameter in a logout action. id: CVE-2008-7269 info: name: UC Gateway Investment SiteEngine v5.0 - Open...

5.8CVSS6.1AI score0.09254EPSS
Exploits0References3
Nuclei
Nuclei
added 3 days ago47 views

XWiki - Open Redirect

XWiki Platform is vulnerable to open redirect attacks due to improper validation of the xredirect parameter. This allows an attacker to redirect users to an arbitrary website. The vulnerability is patched in versions 14.10.4 and 15.0. id: CVE-2023-32068 info: name: XWiki - Open Redirect author:...

6.1CVSS6.5AI score0.5507EPSS
Exploits0References2
Opera Security Advisories
Opera Security Advisories
added 4 days ago4 views

Here’s how Opera’s Paste Protect guards you natively against clipboard attacks

News, Security Here’s how Opera’s Paste Protect guards you natively against clipboard attacks Share July 2nd, 2026 At Opera, user security is a top priority. That’s why today, we are excited to announce that Opera is the first browser to introduce Paste Protect: a native defense measure against...

8.8CVSS7.5AI score0.01654EPSS
Exploits4References1
CVE
CVE
added last week10 views

CVE-2026-43713

CVE-2026-43713 concerns a permissions issue in Safari/WebKit that could allow leakage of sensitive data when visiting a website. The public advisories indicate the fix is in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2. Connected documents explicitly describe the vulnerability...

6.5CVSS5.8AI score0.00312EPSS
Exploits0References3Affected Software4
CVE
CVE
added 2026/06/24 5:33 a.m.11 views

CVE-2026-9619

CVE-2026-9619 affects the Reviews and Rating – Docplanner WordPress plugin, vulnerable in all versions up to 1.1.4 due to insufficient authorization checks for an action (sync_reviews AJAX). This allows authenticated users with subscriber-level access and above to trigger outbound scraping, write...

4.3CVSS5.7AI score0.00307EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2026/06/12 6:59 p.m.16 views

Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing

Google on Friday said it's pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence AI agent to send phishing text messages targeting Americans. The network is said to be behind the development and management of a phishing-as-a-service...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

SEMCMS 访问控制错误漏洞

SEMCMS is an open-source content management system CMS for foreign trade websites that supports multiple languages. Version SEMCMS 5.0 has a access control vulnerability, which stems from an unauthorized access vulnerability in the SEMCMScopy.php file...

7.5CVSS5.3AI score0.00232EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2026/06/04 11:28 a.m.18 views

Travel scams are everywhere. Here&#8217;s how to avoid them

Planning a holiday should be exciting, fun, and not a cybersecurity risk. But booking flights, hotels, and rental properties often means sharing sensitive personal and financial information across multiple platforms. Combined with frequent travel scams and recurring data breaches in the travel an...

5.6AI score
Exploits0
Snyk
Snyk
added 2026/06/01 9:0 p.m.9 views

Malicious Package

Overview backup2-asd is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.11 views

Malicious Package

Overview sixseven3 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.12 views

Malicious Package

Overview sixseven6 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.6 views

Malicious Package

Overview abuden23 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertising...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.13 views

Malicious Package

Overview ratelimitsucks2 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.9 views

Malicious Package

Overview timmytuffknuckles6 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.14 views

Malicious Package

Overview nottuff4 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertising...

9.8CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder