Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2015-6663

Malware in sbrugna...

6.8CVSS6AI score0.00831EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-1062

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00279EPSS
Exploits0References8
Tenable Nessus
Tenable Nessusadded 2025/08/19 12:0 a.m.4 views

Mozilla Thunderbird < 140.2

The version of Thunderbird installed on the remote Windows host is prior to 140.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-72 advisory. - Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1,...

9.8CVSS8.2AI score0.00194EPSS
Exploits0References7
Tenable Nessus
Tenable Nessusadded 2025/08/12 12:0 a.m.2 views

RHEL 8 : thunderbird (RHSA-2025:13650)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:13650 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Large branch table could lead to...

9.8CVSS8.8AI score0.00781EPSS
Exploits0References20
CVE
CVEadded 2025/04/26 12:0 a.m.55 views

CVE-2025-46654

CVE-2025-46654 affects CodiMD up to version 2.2.0, where a CSP-based XSS protection can be bypassed by uploading an HTML file that references an uploaded JavaScript file. Documented impact is cross-site scripting due to this bypass; the vulnerability applies to 2.2.0 and earlier. No exploit detai...

4.9CVSS6.1AI score0.00018EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2025/04/03 6:24 p.m.19 views

CVE-2025-31486 Vite allows server.fs.deny to be bypassed with .svg or relative paths

Vite is a frontend tooling framework for javascript. The contents of arbitrary files can be returned to the browser. By adding ?.svg with ?.wasm?init or with sec-fetch-dest: script header, the server.fs.deny restriction was able to bypass. This bypass is only possible if the file is smaller than...

5.3CVSS0.04736EPSS
Exploits7References3
SUSE CVE
SUSE CVEadded 2023/02/15 5:7 a.m.2 views

SUSE CVE-2016-1697

The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScrip...

8.8CVSS9.1AI score0.01838EPSS
Exploits1References6
OSV
OSVadded 2006/09/15 7:7 p.m.5 views

CVE-2006-4570

Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with "Load Images" enabled, allows remote user-assisted attackers to bypass settings that disable JavaScript via a remote XBL file in a message that is loaded when the user views, forwards, or replies to the original message...

6.2AI score
Exploits0References34
Rows per page
Query Builder