Lucene search

7 matches found

Snyk
added 2025/02/01 6:36 a.m. | 1 view

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal in the LocalStorage component where specially crafted Content-Disposition headers containing .. in the filename could be used to access files outside the intended storage directories. Details A Directory Traversal...

CVSS 8.7 | AI score 7.6
Exploits: 0 | References: 3

OSV
added 2021/05/14 9:15 p.m. | 14 views

CVE-2021-32054

Firely/Incendi Spark before 1.5.5-r4 lacks Content-Disposition headers in certain situations, which may cause crafted files to be delivered to clients such that they are rendered directly in a victim's web browser...

CVSS 6.1 | AI score 6.7
Exploits: 0 | References: 3

Prion
added 2021/05/14 9:15 p.m. | 15 views

Design/Logic Flaw

Firely/Incendi Spark before 1.5.5-r4 lacks Content-Disposition headers in certain situations, which may cause crafted files to be delivered to clients such that they are rendered directly in a victim's web browser...

CVSS 4.3 | AI score 6.1 | EPSS 0.00358
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2021/05/14 8:39 p.m. | 6 views

CVE-2021-32054

Firely/Incendi Spark before 1.5.5-r4 lacks Content-Disposition headers in certain situations, which may cause crafted files to be delivered to clients such that they are rendered directly in a victim's web browser...

AI score 6.4 | EPSS 0.00358
Exploits: 0 | References: 3

CVE
added 2021/05/14 8:39 p.m. | 71 views

CVE-2021-32054

Firely/Incendi Spark before 1.5.5-r4 is affected by a lack of Content-Disposition headers in certain responses, which may cause crafted files to render directly in a victim’s browser. Root cause: missing Content-Disposition headers in some responses. Affected versions: prior to 1.5.5-r4. Mitigati...

CVSS 6.1 | AI score 6.1 | EPSS 0.00358
Exploits: 0 | References: 3 | Affected Software: 1

Tenable Nessus
added 2013/07/02 12:0 a.m. | 38 views

ModSecurity < 2.7.0 Multipart Request Parsing Filter Bypass

According to its banner, the version of ModSecurity installed on the remote host is earlier than 2.7.0. It is, therefore, potentially affected by a security bypass vulnerability. An error exists related to HTTP POST requests and 'Content-Disposition' headers containing extra lines that could allo...

CVSS 5 | AI score 5.6 | EPSS 0.11456
Exploits: 1 | References: 3

Tenable Nessus
added 2010/06/29 12:0 a.m. | 58 views

Debian DSA-2064-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-0183 'wushi' discovered that incorrect pointer handling in the frame processing code could...

CVSS 9.3 | AI score 8.9 | EPSS 0.42703
Exploits: 6 | References: 17