Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-25231

Malicious code in bioql PyPI...

4.3CVSS6.2AI score0.0005EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2025/08/21 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2017-5110

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux,...

6.5CVSS6.8AI score0.00629EPSS
Exploits0References2
OSV
OSVadded 2025/08/19 9:15 p.m.1 views

CVE-2025-8364

A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack. Note: This issue only affected Android operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 141...

4.3CVSS5.8AI score
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2025/08/19 8:52 p.m.1 views

CVE-2025-8364

A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack. Note: This issue only affected Android operating systems. Other operating systems are unaffected.. This vulnerability was fixed in Firefox 141...

4.3CVSS5.8AI score0.0005EPSS
Exploits0References4
SUSE CVE
SUSE CVEadded 2023/02/15 5:17 a.m.2 views

SUSE CVE-2015-4490

The nsCSPHostSrc::permits function in dom/security/nsCSPUtils.cpp in Mozilla Firefox before 40.0 does not implement the Content Security Policy Level 2 exceptions for the blob, data, and filesystem URL schemes during wildcard source-expression matching, which might make it easier for remote...

4.3CVSS8.1AI score0.00223EPSS
Exploits0References6
SUSE CVE
SUSE CVEadded 2023/02/15 4:51 a.m.2 views

SUSE CVE-2017-5110

Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page...

6.5CVSS8.5AI score0.00629EPSS
Exploits0References5
OSV
OSVadded 2019/03/20 12:0 a.m.1 views

UBUNTU-CVE-2019-9808

If WebRTC permission is requested from documents with data: or blob: URLs, the permission notifications do not properly display the originating domain. The notification states "Unknown origin" as the requestee, leading to user confusion about which site is asking for this permission. This...

5.3CVSS6.7AI score0.00092EPSS
Exploits0References5
OSV
OSVadded 2017/10/27 5:29 a.m.1 views

CVE-2017-5110

Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page...

6.5CVSS7AI score
Exploits0References6
OSV
OSVadded 2017/10/27 5:29 a.m.0 views

UBUNTU-CVE-2017-5110

Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page...

6.5CVSS7.3AI score0.00629EPSS
Exploits0References3
Rows per page
Query Builder