Lucene search
K

57 matches found

CNNVD
CNNVD
added 2026/03/25 12:0 a.m.11 views

Apple多款产品 安全漏洞

Apple iOS and other products are owned by Apple Inc. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have security...

6.5CVSS5.8AI score0.0061EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/10/16 12:0 a.m.4 views

Naver Whale Browser 安全漏洞

Naver Whale Browser is a web browser from Naver, a South Korean company that supports user-defined interfaces. A security vulnerability exists in Naver Whale Browser versions prior to 4.33.325.17, which stems from a specific scheme that can bypass content security policies...

7.5CVSS6.6AI score0.00341EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-27559

Malicious code in bioql PyPI...

6.1CVSS7.9AI score0.00704EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/07/21 12:0 a.m.5 views

HAXcms with nodejs backend 跨站脚本漏洞

HAXcms with nodejs backend is an open source backend management system from HAX The Web. A cross-site scripting vulnerability exists in HAXcms with nodejs backend version 11.0.7 and earlier, which stems from disabling content security policies and could lead to cross-site scripting attacks...

7.2CVSS5.8AI score0.00202EPSS
Exploits0References2
CNVD
CNVD
added 2025/07/04 12:0 a.m.2 views

Google Chrome Security Bypass Vulnerability (CNVD-2025-15175)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that stems from insufficient policy enforcement in the Loader component, which can be exploited by an attacker to bypass content security policies...

5.4CVSS6.8AI score0.00157EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/25 12:0 a.m.4 views

Discourse 跨站脚本漏洞

Discourse is an open source community discussion platform from Discourse Open Source. The platform includes features such as communities, email and chat rooms. A cross-site scripting vulnerability exists in versions prior to Discourse 3.5.0.beta6, which stems from a cross-site scripting attack th...

8.1CVSS5.8AI score0.0063EPSS
Exploits0References2
CNVD
CNVD
added 2024/10/17 12:0 a.m.5 views

Unspecified Vulnerability in Google Chrome (CNVD-2024-44538)

Google Chrome is a web browser from Google, an American company. A security vulnerability exists in versions prior to Google Chrome 130.0.6723.58, which can be exploited by remote attackers to bypass content security policies via a crafted HTML page...

5.3CVSS6.1AI score0.0033EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/15 12:0 a.m.4 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A security vulnerability exists in versions prior to Google Chrome 130.0.6723.58, which can be exploited by remote attackers to bypass content security policies via a crafted HTML page...

5.3CVSS6.5AI score0.0033EPSS
Exploits0References5
Veracode
Veracode
added 2024/06/03 8:31 a.m.9 views

Cross-site Scripting (XSS)

SimpleSAMLphp is vulnerable to Cross-site Scripting XSS. The vulnerability is due to unvalidated metadata endpoints, allowing malicious parties to substitute URLs with JavaScript code, leading to execution of the code in the user's browser if strict Content Security Policies are not enforced...

6.8AI score
Exploits0
Hacker One
Hacker One
added 2024/05/28 9:30 p.m.16 views

RATELIMITED: Subdomain takeover in GitLab Pages [george.ratelimited.me]

A subdomain takeover vulnerability was discovered in GitLab Pages. Subdomains could be taken over without verification of domain ownership. The vulnerability allowed an attacker to gain control of the subdomain...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/04/01 12:0 a.m.38 views

Amazon Linux 2 : thunderbird (ALAS-2024-2505)

The version of thunderbird installed on the remote host is prior to 115.9.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2505 advisory. AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding and AppendEncodedCharacters could have experienced...

8.8CVSS8.1AI score0.00971EPSS
Exploits3References14
Tenable Nessus
Tenable Nessus
added 2024/03/27 12:0 a.m.28 views

Oracle Linux 8 : thunderbird (ELSA-2024-1494)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-1494 advisory. 115.9.0-1.0.1 - Add Oracle prefs 115.9.0-1 - Update to 115.9.0 build1 - Fix expat CVE-2023-52425 Tenable has extracted the preceding description block...

8.8CVSS7.4AI score0.01815EPSS
Exploits6References10
Tenable Nessus
Tenable Nessus
added 2024/03/27 12:0 a.m.39 views

Rocky Linux 8 : thunderbird (RLSA-2024:1494)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:1494 advisory. - NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the...

8.8CVSS8.3AI score0.01285EPSS
Exploits5References19
Tenable Nessus
Tenable Nessus
added 2024/03/27 12:0 a.m.37 views

Fedora 38 : thunderbird (2024-5d080305ab)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5d080305ab advisory. Update to 115.9.0 https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/ https://www.thunderbird.net/en-US/thunderbird/115.9.0/releasenotes/...

8.8CVSS7.3AI score0.01285EPSS
Exploits4References11
Tenable Nessus
Tenable Nessus
added 2024/03/26 12:0 a.m.28 views

Oracle Linux 7 : thunderbird (ELSA-2024-1498)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-1498 advisory. 115.9.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.9.0-1 - Update to...

8.8CVSS7.4AI score0.01815EPSS
Exploits6References10
Tenable Nessus
Tenable Nessus
added 2024/03/25 12:0 a.m.28 views

Debian dla-3775 : firefox-esr - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3775 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3775-1 [email protected]...

8.8CVSS7.7AI score0.047EPSS
Exploits4References22
Tenable Nessus
Tenable Nessus
added 2024/03/25 12:0 a.m.54 views

CentOS 7 : firefox (RHSA-2024:1486)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1486 advisory. - NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the...

8.8CVSS8.4AI score0.047EPSS
Exploits4References11
Tenable Nessus
Tenable Nessus
added 2024/03/25 12:0 a.m.43 views

CentOS 7 : thunderbird (RHSA-2024:1498)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1498 advisory. - NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the...

8.8CVSS8.3AI score0.01285EPSS
Exploits5References10
Tenable Nessus
Tenable Nessus
added 2024/03/25 12:0 a.m.48 views

RHEL 8 : firefox (RHSA-2024:1491)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1491 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

8.8CVSS7.8AI score0.047EPSS
Exploits4References23
Tenable Nessus
Tenable Nessus
added 2024/03/25 12:0 a.m.39 views

RHEL 9 : firefox (RHSA-2024:1485)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1485 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

8.8CVSS7.8AI score0.047EPSS
Exploits4References23
Rows per page
Query Builder