CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

11 matches found

OSV•added 2025/01/29 9:15 a.m.•2 views

UBUNTU-CVE-2024-57965

In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has a potentially unwanted setAttribute'href',href call. NOTE: some parties feel that the code change only addresses a warning message from a SAST tool and does not fix a vulnerability...

9.8CVSS7.2AI score0.00342EPSS

Exploits0References4

PyPA•added 2022/04/28 2:15 p.m.•5 views

PYSEC-2022-183

Encode OSS httpx =1.0.0.beta0 is affected by improper input validation in httpx.URL, httpx.Client and some functions using httpx.URL.copywith...

9.1CVSS7AI score0.02047EPSS

Exploits1References6Affected Software1

OSV•added 2021/12/10 6:56 p.m.•0 views

GHSA-HWQF-GCQM-7353 Header injection in nodemailer

The package nodemailer before 6.6.1 are vulnerable to HTTP Header Injection if unsanitized user input that may contain newlines and carriage returns is passed into an address object...

6.3CVSS5.9AI score0.01381EPSS

Exploits1References5

OSV•added 2021/06/29 12:15 p.m.•13 views

CVE-2021-23400

The package nodemailer before 6.6.1 are vulnerable to HTTP Header Injection if unsanitized user input that may contain newlines and carriage returns is passed into an address object...

8.8CVSS7.4AI score

Exploits0References4

OSV•added 2021/06/29 12:15 p.m.•2 views

DEBIAN-CVE-2021-23400

The package nodemailer before 6.6.1 are vulnerable to HTTP Header Injection if unsanitized user input that may contain newlines and carriage returns is passed into an address object...

8.8CVSS8AI score0.01381EPSS

Exploits1References1

UbuntuCve•added 2021/06/29 12:15 p.m.•21 views

CVE-2021-23400

The package nodemailer before 6.6.1 are vulnerable to HTTP Header Injection if unsanitized user input that may contain newlines and carriage returns is passed into an address object...

8.8CVSS7.2AI score0.01381EPSS

Exploits1References5

Prion•added 2021/06/29 12:15 p.m.•12 views

Design/Logic Flaw

The package nodemailer before 6.6.1 are vulnerable to HTTP Header Injection if unsanitized user input that may contain newlines and carriage returns is passed into an address object...

6.8CVSS8.9AI score0.01381EPSS

Exploits1References4Affected Software1

Debian CVE•added 2021/06/29 11:45 a.m.•18 views

CVE-2021-23400

The package nodemailer before 6.6.1 are vulnerable to HTTP Header Injection if unsanitized user input that may contain newlines and carriage returns is passed into an address object...

8.8CVSS8.9AI score0.01381EPSS

RedHat Linux•added 2020/07/14 11:16 a.m.•1 views

Mozilla: Information disclosure due to manipulated URL object

The Mozilla Foundation Security Advisory describes this flaw as: Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript...

6.5CVSS7.3AI score0.03034EPSS

Exploits0References5

RedHat Linux•added 2020/07/06 8:56 p.m.•1 views

Mozilla: Information disclosure due to manipulated URL object

The Mozilla Foundation Security Advisory describes this flaw as: Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript...

6.5CVSS7.3AI score0.03034EPSS

Exploits0References5

RedHat Linux•added 2020/07/06 8:52 p.m.•3 views

Mozilla: Information disclosure due to manipulated URL object

The Mozilla Foundation Security Advisory describes this flaw as: Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript...

6.5CVSS7.3AI score0.03034EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by