9 matches found

ThreatPost
added 2021/05/14 2:3 p.m., 74 views

Scheme Flooding Allows User Tracking Across Browsers

A security researcher has discovered a vulnerability that allows websites to track users across a number of different desktop browsers — including Apple Safari, Google Chrome, Microsoft Edge, Mozilla Firefox and Tor — posing a threat to cross-browser anonymity. Called “scheme flooding,” the flaw...

5.8 AI score
Exploits: 0, References: 14
NVD
added 2019/02/18 3:29 p.m., 15 views

CVE-2019-6453

mIRC before 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling; Chrome is not exploitable...

8.1 CVSS, 8.4 AI score, 0.84944 EPSS
Exploits: 9, References: 6
Prion
added 2019/02/18 3:29 p.m., 23 views

Design/Logic Flaw

mIRC before 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling; Chrome is not exploitable...

6.8 CVSS, 8.3 AI score, 0.84944 EPSS
Exploits: 9, References: 6, Affected Software: 1
Cvelist
added 2019/02/18 3:0 p.m., 17 views

CVE-2019-6453

mIRC before 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling; Chrome is not exploitable...

8.4 AI score, 0.84944 EPSS
Exploits: 9, References: 6
CVE
added 2019/02/18 3:0 p.m., 115 views

CVE-2019-6453

mIRC before 7.55 is affected by CVE-2019-6453 due to argument injection via custom URI protocol handlers. An irc:// URI can load an arbitrary .ini file from a UNC share pathname, enabling remote command execution in the context of the application. Exploitation depends on browser-specific URI hand...

8.1 CVSS, 8 AI score, 0.84944 EPSS
Exploits: 9, References: 6, Affected Software: 1
Hacker One
added 2018/09/13 3:37 p.m., 79 views

Mail.ru: XSS in touch.mail.ru

Browser-specific, user-assisted DOM-based XSS in message editor undo functionality via quoted content. Vulnerability did not affect mobile browsers used by the majority of touch.mail.ru web interface users...

4.1 AI score
Exploits: 0
Hacker One
added 2015/11/02 4:10 p.m., 8 views

Mail.ru: [evo2.my.com] Reflected XSS

Browser-specific reflected XSS via POST parameters in evo2.my.com. evo2.my.com is not covered by bug bounty scope...

3.7 AI score
Exploits: 0
Hacker One
added 2015/11/01 7:26 p.m., 12 views

Mail.ru: [aw.my.com] Reflected XSS

Browser-specific reflected XSS via URI parameters in aw.my.com. aw.my.com is not covered by bug bounty scope...

3.7 AI score
Exploits: 0
Cisco
added 2012/08/10 5:11 p.m., 27 views

Cisco IOS SSL VPN Portal Page Denial of Service Vulnerability

Cisco IOS Software contains a vulnerability that could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system. The vulnerability is due to an unspecified issue that causes a device running the vulnerable software to reload when the web browser...

3.5 CVSS, 2 AI score, 0.00347 EPSS
Exploits: 0, References: 1