Lucene search

7 matches found

Vulnrichment
added 2025/09/02 11:39 p.m. | 1 view

CVE-2025-54588 Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free (UAF) vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic...

CVSS: 7.5 | AI score: 6.4 | EPSS: 0.00014
Exploits: 0 | References: 3
OSSF Malicious Packages
added 2025/08/14 6:52 p.m. | 1 view

Malicious code in component-dfp (npm)

The package component-dfp was found to contain malicious code...

AI score: 7
Exploits: 0
OSV
added 2025/08/14 6:52 p.m. | 1 view

MAL-2025-17455 Malicious code in component-dfp (npm)

The package component-dfp was found to contain malicious code...

AI score: 7.2
Exploits: 0
Drupal
added 2022/05/04 12:0 a.m. | 13 views

Doubleclick for Publishers (DFP) - Moderately critical - Cross site scripting - SA-CONTRIB-2022-035

Doubleclick for Publishers (DFP) module enables a site to place ads from Doubleclick For Publishers. The module doesn't sanitize user input in certain cases, which leads to Cross-Site-Scripting (XSS) vulnerabilities. An attacker that can create or edit certain entities may be able to exploit a...

AI score: 6
Exploits: 0 | References: 6
Drupal
added 2017/01/04 12:0 a.m. | 18 views

Doubleclick for Publishers (DFP) - Moderately Critical - Multiple vulnerabilities - SA-CONTRIB-2017-002

This module enables you to place advertisements on your site that are served by Google's DFP (Doubleclick for Publisher) service. The module has multiple Cross Site Scripting (XSS) vulnerabilities due to not sufficiently escaped fields. The "administer DFP" permission is not marked as restricted...

AI score: 6.3
Exploits: 0 | References: 13
CVE
added 2014/10/13 6:0 p.m. | 39 views

CVE-2014-8748

CVE-2014-8748 is a Drupal DFP (Doubleclick for Publishers) module XSS vulnerability in the 7.x-1.x line, where unsanitized slot names output to HTML allows remote authenticated users with the administer dfp permission to inject arbitrary script or HTML. The affected versions are DFP 7.x-1.x prior...

CVSS: 3.5 | AI score: 5.4 | EPSS: 0.00201
Exploits: 0 | References: 4 | Affected Software: 1
Drupal
added 2014/01/22 12:0 a.m. | 13 views

SA-CONTRIB-2014-003 - Doubleclick for Publishers (DFP) - Cross Site Scripting (XSS)

This module enables you to create blocks to place advertisements from the Google Double Click for Publishers API (DFP). The module doesn't sufficiently sanitize the slot names prior to output into HTML. This vulnerability is mitigated by the fact that an attacker must have a role with the permissio...

CVSS: 3.5 | AI score: 6.3 | EPSS: 0.00201
Exploits: 0 | References: 10