Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/05/13 7:5 p.m.30 views

CVE-2026-0248 Prisma Access Agent: Improper Certificate Validation Vulnerability

An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can...

8.6CVSS0.00107EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/07/30 12:0 a.m.4 views

Discourse 安全漏洞

Discourse is an open source community discussion platform from Discourse Open Source. The platform includes community, email, and chat room features. A security vulnerability exists in Discourse. An attacker exploited the vulnerability to inject iframes from any domain, thereby bypassing...

6.1CVSS6.5AI score0.0036EPSS
Exploits0References4
Code423n4
Code423n4
added 2022/07/19 12:0 a.m.21 views

ETHRegistrarController._setRecords can register invalid domains and to some degree, its possible to register any domain name

Lines of code Vulnerability details Impact 1. Register invalid domains at Registrar. 2. It's possible to register any domain name. Proof of Concept ETHRegistrarController.setRecords call function at address resolveruser input with call data bytes calldata datauser input. So it can bypass any meth...

6.7AI score
Exploits0
OSV
OSV
added 2022/05/24 5:13 p.m.6 views

GHSA-MR5M-2385-2VCP xdlocalstorage does not verify request origin

An issue was discovered in xdLocalStorage through 2.0.5. The postData function in xdLocalStoragePostMessageApi.js specifies the wildcard as the targetOrigin when calling the postMessage function on the parent object. Therefore any domain can load the application hosting the "magical iframe" and...

8.8CVSS7.2AI score0.0141EPSS
Exploits1References5
Rows per page
Query Builder