Lucene search
K

113 matches found

Vulnrichment
Vulnrichment
โ€ขadded 2026/03/27 9:26 p.m.โ€ข11 views

CVE-2026-33976 Notesnook vulnerable to RCE via stored XSS in Web Clipper rendering

Notesnook is a note-taking app. Prior to version 3.3.11 on Web/Desktop and 3.3.17 on Android/iOS, a stored XSS in the Web Clipper rendering flow can be escalated to remote code execution in the desktop app. The root cause is that the clipper preserves attacker-controlled attributes from the sourc...

9.6CVSS6.5AI score0.00706EPSS
Exploits1References1
Positive Technologies
Positive Technologies
โ€ขadded 2026/03/27 12:0 a.m.โ€ข4 views

PT-2026-28580

Name of the Vulnerable Software and Affected Versions Notesnook versions prior to 3.3.11 Web/Desktop Notesnook versions prior to 3.3.17 Android/iOS Description Notesnook is a note-taking app. Prior to versions 3.3.11 Web/Desktop and 3.3.17 Android/iOS, a stored Cross-Site Scripting XSS issue exis...

9.6CVSS6.4AI score0.00706EPSS
Exploits1References9
CNNVD
CNNVD
โ€ขadded 2026/03/27 12:0 a.m.โ€ข7 views

Notesnook ไปฃ็ ๆณจๅ…ฅๆผๆดž

Notesnook is an end-to-end encrypted note application developed by Streetwriters. There were code injection vulnerabilities in versions of Notesnook Web/Desktop prior to 3.3.11, as well as in versions for Android/iOS prior to 3.3.17. These vulnerabilities stemmed from a stored-xss vulnerability...

9.6CVSS6.5AI score0.00706EPSS
Exploits1References2
Trellix
Trellix
โ€ขadded 2025/12/18 12:0 a.m.โ€ข22 views

Amadey Exploiting Self-Hosted GitLab to Distribute StealC

Amadey Exploiting Self-Hosted GitLab to Distribute StealC By Rahul Sharma ยท December 18, 2025 Executive summary Amadey is a malware loader that has been active since 2018, primarily used to distribute second-stage payloads and infostealers. While Amadey has been previously known to distribute...

6AI score
Exploits0
EUVD
EUVD
โ€ขadded 2025/10/07 12:30 a.m.โ€ข4 views

EUVD-2001-0584

Malware in sbrugna...

5CVSS6.4AI score0.03363EPSS
Exploits1References5
EUVD
EUVD
โ€ขadded 2025/10/07 12:30 a.m.โ€ข4 views

EUVD-2015-0880

Malware in sbrugna...

4.3CVSS6.4AI score0.01161EPSS
Exploits0References5
EUVD
EUVD
โ€ขadded 2025/10/07 12:30 a.m.โ€ข5 views

EUVD-2021-14833

Malware in sbrugna...

9.8CVSS9.2AI score0.05169EPSS
Exploits1References5
EUVD
EUVD
โ€ขadded 2025/10/07 12:30 a.m.โ€ข7 views

EUVD-2019-4186

Malware in sbrugna...

6.1CVSS6.4AI score0.01076EPSS
Exploits0References3
EUVD
EUVD
โ€ขadded 2025/10/07 12:30 a.m.โ€ข5 views

EUVD-2018-4080

Malware in sbrugna...

5.4CVSS5.5AI score0.01256EPSS
Exploits1References4
RedhatCVE
RedhatCVE
โ€ขadded 2025/05/23 8:42 a.m.โ€ข26 views

CVE-2024-23745

In Notion Web Clipper 1.0.37, a .nib file is susceptible to the Dirty NIB attack. NIB files can be manipulated to execute arbitrary commands. Additionally, even if a NIB file is modified within an application, Gatekeeper may still permit the execution of the application, enabling the execution of...

9.8CVSS7.7AI score0.01984EPSS
Exploits1References1
RedhatCVE
RedhatCVE
โ€ขadded 2025/05/22 7:33 p.m.โ€ข7 views

CVE-2021-28134

Clipper before 1.0.5 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal API...

9.8CVSS7.2AI score0.05169EPSS
Exploits1References1
RedhatCVE
RedhatCVE
โ€ขadded 2025/05/22 7:4 a.m.โ€ข5 views

CVE-2018-12101

CMS Clipper 1.3.3 has XSS in the Security tab search, User Groups, Resource Groups, and User/Resource Group Links fields...

5.4CVSS6.1AI score0.01256EPSS
Exploits1References1
The Hacker News
The Hacker News
โ€ขadded 2025/04/08 4:7 p.m.โ€ข13 views

Cryptocurrency Miner and Clipper Malware Spread via SourceForge Cracked Software Listings

Threat actors have been observed distributing malicious payloads such as cryptocurrency miner and clipper malware via SourceForge, a popular software hosting service, under the guise of cracked versions of legitimate applications like Microsoft Office. "One such project, officepackage, on the mai...

7.5AI score
Exploits0
The Hacker News
The Hacker News
โ€ขadded 2024/09/17 7:18 a.m.โ€ข11 views

Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users

Cryptocurrency exchange Binance is warning of an "ongoing" global threat that's targeting cryptocurrency users with clipper malware with the goal of facilitating financial fraud. Clipper malware, also called ClipBankers, is a type of malware that Microsoft calls cryware, which comes with...

6.3AI score
Exploits0
The Hacker News
The Hacker News
โ€ขadded 2024/06/18 1:30 p.m.โ€ข21 views

Cybercriminals Exploit Free Software Lures to Deploy Hijack Loader and Vidar Stealer

Threat actors are luring unsuspecting users with free or pirated versions of commercial software to deliver a malware loader called Hijack Loader, which then deploys an information stealer known as Vidar Stealer. "Adversaries had managed to trick users into downloading password-protected archive...

7.3AI score
Exploits0
hivepro
hivepro
โ€ขadded 2024/02/08 2:24 p.m.โ€ข18 views

Deceptive Crypto Sites A Breeding Ground for XPhase Clipper

Summary: A global malware campaign is actively targeting cryptocurrency enthusiasts, employing deceptive websites that masquerade as authentic cryptocurrency applications and ultimately leading to the execution of the XPhase Clipper payload. Threat Level - Amber | Attack Report For a detailed...

7.3AI score
Exploits0
OSV
OSV
โ€ขadded 2024/01/31 2:15 a.m.โ€ข4 views

CVE-2024-23745

In Notion Web Clipper 1.0.37, a .nib file is susceptible to the Dirty NIB attack. NIB files can be manipulated to execute arbitrary commands. Additionally, even if a NIB file is modified within an application, Gatekeeper may still permit the execution of the application, enabling the execution of...

9.8CVSS6.1AI score0.01984EPSS
Exploits1References3
NVD
NVD
โ€ขadded 2024/01/31 2:15 a.m.โ€ข36 views

CVE-2024-23745

In Notion Web Clipper 1.0.37, a .nib file is susceptible to the Dirty NIB attack. NIB files can be manipulated to execute arbitrary commands. Additionally, even if a NIB file is modified within an application, Gatekeeper may still permit the execution of the application, enabling the execution of...

9.8CVSS6.4AI score0.01984EPSS
Exploits1References3
Prion
Prion
โ€ขadded 2024/01/31 2:15 a.m.โ€ข27 views

Design/Logic Flaw

In Notion Web Clipper 1.0.37, a .nib file is susceptible to the Dirty NIB attack. NIB files can be manipulated to execute arbitrary commands. Additionally, even if a NIB file is modified within an application, Gatekeeper may still permit the execution of the application, enabling the execution of...

7.5CVSS9.7AI score0.01984EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
โ€ขadded 2024/01/31 12:0 a.m.โ€ข2 views

Notion Web Clipper Command Injection Vulnerability

Notion is an application from Notion that integrates notes, knowledge base, data forms, Kanban, calendars, and many other capabilities into one application. A command injection vulnerability exists in Notion Web Clipper version 1.0.3, which stems from a NIB file that can be manipulated to execute...

9.8CVSS7.9AI score0.01984EPSS
Exploits1References4
Rows per page
Query Builder