Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4 matches found

OSV
OSVadded 2026/04/24 4:4 p.m.2 views

BIT-LIBPYTHON-2026-6019 BaseCookie.js_output() does not neutralize embedded characters

http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...

6.1CVSS5.2AI score0.00042EPSS
Exploits1References7
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2005-3059

Malware in sbrugna...

10CVSS6.4AI score0.00458EPSS
Exploits0References5
OSV
OSVadded 2020/04/27 3:15 p.m.0 views

CVE-2020-11821

In Rukovoditel 2.5.2, users' passwords and usernames are stored in a cookie with URL encoding, base64 encoding, and hashing. Thus, an attacker can easily apply brute force on them...

5.3CVSS6.1AI score
Exploits0References1
OSV
OSVadded 2019/06/06 4:29 p.m.2 views

CVE-2019-7311

An issue was discovered on Linksys WRT1900ACS 1.0.3.187766 devices. A lack of encryption in how the user login cookie admin-auth is stored on a victim's computer results in the admin password being discoverable by a local attacker, and usable to gain administrative access to the victim's router...

7.8CVSS5.8AI score0.00012EPSS
Exploits0References2
Rows per page
Query Builder