
414 matches found

CVE
added 2022/12/08 9:29 p.m. · 112 views

CVE-2022-23494

Summary (CVE-2022-23494): TinyMCE (open source rich text editor) suffers a cross-site scripting (XSS) vulnerability in alert/confirm dialogs when provided with malicious HTML, potentially allowing arbitrary JavaScript execution in the current user’s browser. Affected versions clock to TinyMCE 5.x...

CVSS 6.1 · AI score 5.7 · EPSS 0.00905
Exploits: 0 · References: 6 · Affected Software: 1

Debian CVE
added 2022/12/08 9:29 p.m. · 22 views

CVE-2022-23494

Removed by vendor...

CVSS 6.1 · AI score 6.2 · EPSS 0.00905
Exploits: 0

Github Security Blog
added 2022/11/02 7:0 p.m. · 28 views

Apache Airflow Open Redirect vulnerability

In Apache Airflow versions prior to 2.4.2, there was an open redirect in the webserver's /confirm endpoint...

CVSS 6.1 · AI score 6.1 · EPSS 0.01494
Exploits: 0 · References: 6 · Affected Software: 1

OSV
added 2022/11/02 12:15 p.m. · 13 views

CVE-2022-43985

In Apache Airflow versions prior to 2.4.2, there was an open redirect in the webserver's /confirm endpoint...

CVSS 6.1 · AI score 6.1
Exploits: 0 · References: 2

PyPA
added 2022/11/02 12:15 p.m. · 6 views

PYSEC-2022-42971

In Apache Airflow versions prior to 2.4.2, there was an open redirect in the webserver's /confirm endpoint...

CVSS 6.1 · AI score 6.8 · EPSS 0.01494
Exploits: 0 · References: 7 · Affected Software: 1

Prion
added 2022/11/02 12:15 p.m. · 25 views

Open redirect

In Apache Airflow versions prior to 2.4.2, there was an open redirect in the webserver's /confirm endpoint...

CVSS 5.8 · AI score 6.1 · EPSS 0.01494
Exploits: 0 · References: 2 · Affected Software: 1

Positive Technologies
added 2022/11/02 12:0 a.m. · 2 views

PT-2022-27055 · Apache · Apache Airflow

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 2.4.2
Description: The issue is related to an open redirect in the webserver's "/confirm" endpoint.
Recommendations: For versions prior to 2.4.2, update to version 2.4.2 or later to resolve the issue...

CVSS 6.1 · AI score 6 · EPSS 0.01494
Exploits: 0 · References: 10

CNNVD
added 2022/11/02 12:0 a.m. · 15 views

Apache Airflow input validation error vulnerability

Apache Airflow is an open source platform from the Apache Foundation (United States) for creating, managing and monitoring workflows. The platform offers scalability, dynamic monitoring and other characteristics. An input validation error vulnerability exists in Apache Airflow versions prior to...

CVSS 6.1 · AI score 7.3 · EPSS 0.01494
Exploits: 0 · References: 3

Veracode
added 2022/09/23 8:30 a.m. · 19 views

Open Redirect

apacheairflow is vulnerable to open redirect attacks. The vulnerability exists in the confirm function of views.py because of an open redirect in the webserver's confirm endpoint, which allows an attacker to provide malicious URLs...

CVSS 6.1 · AI score 6.1 · EPSS 0.01413
Exploits: 0 · References: 4 · Affected Software: 1

PyPA
added 2022/09/21 8:15 a.m. · 8 views

PYSEC-2022-280

In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in the webserver's /confirm endpoint...

CVSS 6.1 · AI score 6.9 · EPSS 0.01413
Exploits: 0 · References: 3 · Affected Software: 1

Vulnrichment
added 2022/09/21 7:25 a.m. · 5 views

CVE-2022-40754 Open Redirect

In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in the webserver's /confirm endpoint...

AI score 6.7 · EPSS 0.01413
Exploits: 0 · References: 2

CNNVD
added 2022/09/21 12:0 a.m. · 3 views

Apache Airflow input validation error vulnerability

Apache Airflow is an open source platform for creating, managing and monitoring workflows from the Apache Foundation. Apache Airflow versions 2.3.0 to 2.3.4 have an open redirect vulnerability, which originates from the web server's /confirm endpoint not handling the target reasonably...

CVSS 6.1 · AI score 6.8 · EPSS 0.01413
Exploits: 0 · References: 3

Positive Technologies
added 2022/09/21 12:0 a.m. · 3 views

PT-2022-25514 · Apache · Apache Airflow

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions 2.3.0 through 2.3.4
Description: The issue is related to an open redirect in the webserver's "/confirm" endpoint. This endpoint is vulnerable to open redirect attacks.
Recommendations: For Apache Airflow versions 2.3.0...

CVSS 6.1 · AI score 5.9 · EPSS 0.01413
Exploits: 0 · References: 13

OSV
added 2022/08/05 4:15 p.m. · 2 views

CVE-2022-33729

Improper restriction of broadcasting Intent in ConfirmConnectActivity of NFC prior to SMR Aug-2022 Release 1 leaks MAC address of the connected Bluetooth device...

CVSS 3.3 · AI score 5.8 · EPSS 0.0009
Exploits: 0 · References: 1

CNNVD
added 2022/08/05 12:0 a.m. · 3 views

SAMSUNG Mobile devices security vulnerability

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung. A security vulnerability exists in SAMSUNG Mobile devices ConfirmConnectActivity SMR prior to Aug-2022 Release 1, which stems from an improper restriction of...

CVSS 5.9 · AI score 4.9 · EPSS 0.0009
Exploits: 0 · References: 2

Positive Technologies
added 2022/08/05 12:0 a.m. · 4 views

PT-2022-21846 · Nfc · Nfc

Name of the Vulnerable Software and Affected Versions: NFC prior to SMR Aug-2022 Release 1
Description: The issue is related to an improper restriction of broadcasting Intent in ConfirmConnectActivity, which leaks the MAC address of the connected Bluetooth device.
Recommendations: For NFC prior t...

CVSS 5.9 · AI score 3.9 · EPSS 0.0009
Exploits: 0 · References: 3

NVD
added 2022/07/12 2:15 p.m. · 11 views

CVE-2022-30755

Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to bypass password confirm activity by hijacking the implicit intent...

CVSS 7.8 · EPSS 0.00101
Exploits: 0 · References: 1

Cvelist
added 2022/07/11 1:32 p.m. · 18 views

CVE-2022-30755

Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to bypass password confirm activity by hijacking the implicit intent...

CVSS 7.3 · AI score 8 · EPSS 0.00101
Exploits: 0 · References: 1

Openbugbounty
added 2022/07/09 5:19 p.m. · 17 views

nobull.com Cross Site Scripting vulnerability OBB-2749158

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2
Exploits: 0

Huntr
added 2022/05/18 4:44 a.m. · 6 views

Stored XSS

Description: Stored XSS in ListAgenciaTransporte module in facturascripts is triggered when clicking the scrolling middle mouse button.
Proof of Concept:
1. Create a new non-admin account
2. Log in and go to http://localhost/invoices/EditAgenciaTransporte
3. Add new user with website link to...

AI score 6.1
Exploits: 0 · References: 1