3965 matches found

Openbugbounty
added 2016/11/10 9:45 p.m., 11 views

slarti.myfreeforum.org XSS vulnerability

Vulnerable URL: http://slarti.myfreeforum.org/screenshots/jscreen.php?jsoncallback=prompt/OPENBUGBOUNTY/...

AI score: 6.9
Exploits: 0

Openbugbounty
added 2016/11/10 9:18 p.m., 7 views

turl.ca XSS vulnerability

Vulnerable URL: http://turl.ca/json.php?jsoncallback=prompt/OPENBUGBOUNTY/...

AI score: 6.9
Exploits: 0

Openbugbounty
added 2016/11/05 8:14 p.m., 9 views

jamtransfer.com XSS vulnerability

Vulnerable URL: http://www.jamtransfer.com/widget/data.php?callback=prompt/OPENBUGBOUNTY/...

AI score: 6.9
Exploits: 0

Openbugbounty
added 2016/11/03 10:50 p.m., 10 views

kran-ts.ru XSS vulnerability

Vulnerable URL: http://kran-ts.ru/my/s3/captcha/get.php?callback=prompt/OPENBUGBOUNTY/...

AI score: 6.9
Exploits: 0

RedHat Linux
added 2016/11/03 8:12 a.m., 2 views

php: Double free in _php_mb_regex_ereg_replace_exec

A double free flaw was found in the mb_ereg_replace_callback() function of php, which is used to perform regex search. This flaw could possibly cause a PHP application to crash...

CVSS: 9.8, AI score: 7.1, EPSS: 0.20989
Exploits: 1, References: 4

0day.today
added 2016/11/01 12:0 a.m., 39 views

NVIDIA Driver - NvStreamKms Stack Buffer Overflow in PsSetCreateProcessNotifyRoutineEx Callback Priv

Exploit for windows platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=918 The NvStreamKms.sys driver calls PsSetCreateProcessNotifyRoutineEx to set up a process creation notification routine. In this particular routine, if cur-imagenamescount 0 ...

CVSS: 7.2, AI score: 7.9, EPSS: 0.00376
Exploits: 1

Openbugbounty
added 2016/10/24 1:7 p.m., 9 views

tylkodlazabawy.pl XSS vulnerability

Vulnerable URL: http://tylkodlazabawy.pl/login.php?callback=prompt/OPENBUGBOUNTY/...

AI score: 6.9
Exploits: 0

OSV
added 2016/10/05 4:59 p.m., 2 views

DEBIAN-CVE-2016-7161

Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU (aka Quick Emulator) allows attackers to execute arbitrary code on the QEMU host via a large ethlite packet...

CVSS: 9.8, AI score: 8.9, EPSS: 0.16707
Exploits: 0, References: 1

OSV
added 2016/10/05 12:0 a.m., 0 views

UBUNTU-CVE-2016-7161

Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU (aka Quick Emulator) allows attackers to execute arbitrary code on the QEMU host via a large ethlite packet...

CVSS: 9.8, AI score: 7.6, EPSS: 0.16707
Exploits: 0, References: 5

OSV
added 2016/08/26 7:59 p.m., 2 views

CVE-2016-5663

Multiple cross-site scripting (XSS) vulnerabilities in oauth_callback.php on Accellion Kiteworks appliances before kw2016.03.00 allow remote attackers to inject arbitrary web script or HTML via the (1) code, (2) error, or (3) error_description parameter...

CVSS: 6.1, AI score: 5.9, EPSS: 0.00492
Exploits: 0, References: 2

NVD
added 2016/08/26 7:59 p.m., 14 views

CVE-2016-5663

Multiple cross-site scripting (XSS) vulnerabilities in oauth_callback.php on Accellion Kiteworks appliances before kw2016.03.00 allow remote attackers to inject arbitrary web script or HTML via the (1) code, (2) error, or (3) error_description parameter...

CVSS: 6.1, AI score: 6.1, EPSS: 0.00492
Exploits: 0, References: 2

OpenSSL
added 2016/08/23 12:0 a.m., 90 views

Vulnerability in OpenSSL - Malformed SHA512 ticket DoS

If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a DoS attack where a malformed ticket will result in an OOB read which will ultimately crash. The use of SHA512 in TLS session tickets is comparatively rare as it requires a custom server callback and ticket lookup mechanism...

AI score: 7.7, EPSS: 0.18419
Exploits: 1, Affected Software: 1

Tenable Nessus
added 2016/08/12 12:0 a.m., 52 views

RHEL 7 : php (RHSA-2016:1613) (httpoxy)

An update for php is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

CVSS: 8.1, AI score: 6.8, EPSS: 0.80902
Exploits: 0, References: 3

RedHat Linux
added 2016/08/11 10:10 p.m., 35 views

Moderate: Red Hat Security Advisory: php security and bug fix update

An update for php is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

CVSS: 8.1, AI score: 6.7, EPSS: 0.80902
Exploits: 0, References: 3

Oracle linux
added 2016/08/11 12:0 a.m., 70 views

php security and bug fix update

5.4.16-36.3 - don't set environmental variable based on user supplied Proxy request header CVE-2016-5385
5.4.16-36.2 - fix segmentation fault in header_register_callback 1346758...

CVSS: 5.1, AI score: 1.5, EPSS: 0.80902
Exploits: 0

Debian CVE
added 2016/08/07 10:0 a.m., 42 views

CVE-2016-5768

Removed by vendor...

CVSS: 9.8, AI score: 8.7, EPSS: 0.20989
Exploits: 1

UbuntuCve
added 2016/08/05 1:59 a.m., 27 views

CVE-2016-5253

The Updater in Mozilla Firefox before 48.0 on Windows allows local users to write to arbitrary files via vectors involving the callback application-path parameter and a hard link...

CVSS: 4.7, AI score: 6.9, EPSS: 0.00058
Exploits: 0, References: 3

Debian CVE
added 2016/08/05 1:0 a.m., 28 views

CVE-2016-5253

The Updater in Mozilla Firefox before 48.0 on Windows allows local users to write to arbitrary files via vectors involving the callback application-path parameter and a hard link...

CVSS: 4.7, AI score: 7.8, EPSS: 0.00058
Exploits: 0

CVE
added 2016/08/05 1:0 a.m., 121 views

CVE-2016-5253

Mozilla Firefox updater on Windows (pre-48.0) is affected. The Updater can be abused via the callback application-path parameter and a hard link to write arbitrary files (local privilege escalation). A fix is to upgrade to Firefox 48.0 or later; apply vendor advisories for the exact patched versi...

CVSS: 4.7, AI score: 6.3, EPSS: 0.00058
Exploits: 0, References: 5, Affected Software: 1

Mozilla
added 2016/08/02 12:0 a.m., 41 views

Arbitrary file manipulation by local user through Mozilla updater and callback application path parameter — Mozilla

Security researcher Holger Fuhrmannek reported that when the Updater is opened directly using the callback application path parameter, a copy of a user specified file is made as a callback file. If the target of this file is made with a locked hardlink, an arbitrary local file can be replaced on...

CVSS: 4.7, AI score: 7.4, EPSS: 0.00058
Exploits: 0, References: 2, Affected Software: 1