Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2021-0602

Malware in sbrugna...

4.3CVSS4.6AI score0.00179EPSS
Exploits0References6
Debian CVE
Debian CVEadded 2025/08/19 8:52 p.m.4 views

CVE-2025-8364

A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack. Note: This issue only affected Android operating systems. Other operating systems are unaffected.. This vulnerability was fixed in Firefox 141...

4.3CVSS5.3AI score0.0005EPSS
Exploits0
Vulnrichment
Vulnrichmentadded 2025/08/19 8:52 p.m.2 views

CVE-2025-8364 Address bar spoofing using an blob URI on Firefox for Android

A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack. Note: This issue only affected Android operating systems. Other operating systems are unaffected.. This vulnerability was fixed in Firefox 141...

5.8AI score0.0005EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/07/22 12:0 a.m.2 views

PT-2025-33878

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 141 Description: A crafted URL utilizing a blob: URI could conceal the actual origin of the page, potentially leading to a spoofing attack. This issue specifically impacted Android operating systems. Recommendations:...

9.8CVSS6.3AI score0.01103EPSS
Exploits3References129
Veracode
Veracodeadded 2021/03/03 2:54 a.m.13 views

Sandbox Restrictions Bypass

matrix-react-sdk is vulnerable to sandbox restrictions bypass. The vulnerability exists due to the redundant lockOrigin parameter from usercontent, allowing an attacker to use the user content sandbox to trick users into opening unexpected documents with a blob origin...

4.3CVSS4.8AI score0.00179EPSS
Exploits0References4Affected Software1
Node.js
Node.jsadded 2021/03/03 2:27 a.m.52 views

Sandbox Breakout

Overview In matrix-react-sdk before version 3.15.0 the user content sandbox can be abused to trick users into opening unexpected documents. The content is opened with a blob origin that cannot access Matrix user data, so messages and secrets are not at risk. Recommendation Upgrade to version 3.15...

4.3CVSS4.5AI score0.00179EPSS
Exploits0Affected Software1
NVD
NVDadded 2021/03/02 3:15 a.m.8 views

CVE-2021-21320

matrix-react-sdk is an npm package which is a Matrix SDK for React Javascript. In matrix-react-sdk before version 3.15.0, the user content sandbox can be abused to trick users into opening unexpected documents. The content is opened with a blob origin that cannot access Matrix user data, so...

4.3CVSS0.00179EPSS
Exploits0References4
Cvelist
Cvelistadded 2021/03/02 2:45 a.m.13 views

CVE-2021-21320 User content sandbox can be confused into opening arbitrary documents

matrix-react-sdk is an npm package which is a Matrix SDK for React Javascript. In matrix-react-sdk before version 3.15.0, the user content sandbox can be abused to trick users into opening unexpected documents. The content is opened with a blob origin that cannot access Matrix user data, so...

2.6CVSS4.9AI score0.00179EPSS
Exploits0References4
Rows per page
Query Builder