Lucene search
K

251 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/26 7:36 p.m.16 views

CVE-2026-9642

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.7AI score0.00053EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/01/29 2:25 a.m.146 views

Windows-Exploit-Development-Lab

Metodología de Análisis de Vulnerabilidades y Explotación...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/17 6:29 p.m.8 views

CVE-2025-15032

Missing about:blank indicator in custom-sized new windows in Dia before 1.9.0 on macOS could allow an attacker to spoof a trusted domain in the window title and mislead users about the current site...

7.4CVSS6.7AI score0.00237EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/16 6:11 p.m.4 views

CVE-2025-15032 CVE-2025-15032: Increased Spoofing risk; custom new window missing about:blank

Missing about:blank indicator in custom-sized new windows in Dia before 1.9.0 on macOS could allow an attacker to spoof a trusted domain in the window title and mislead users about the current site...

7.4CVSS6.3AI score0.00237EPSS
Exploits0References1
CVE
CVE
added 2026/01/16 6:11 p.m.17 views

CVE-2025-15032

Dia for macOS before 1.9.0 is vulnerable to spoofing of the window title due to a missing about:blank indicator in custom-sized new windows. The root cause is the absence of a visual cue (about:blank indicator) that can mislead users about the current site. Affected product: Dia (macOS). Impact: ...

7.4CVSS6.3AI score0.00237EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/16 6:11 p.m.2 views

CVE-2025-15032

Missing about:blank indicator in custom-sized new windows in Dia before 1.9.0 on macOS could allow an attacker to spoof a trusted domain in the window title and mislead users about the current site...

7.4CVSS5.4AI score0.00237EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/16 6:11 p.m.28 views

CVE-2025-15032 CVE-2025-15032: Increased Spoofing risk; custom new window missing about:blank

Missing about:blank indicator in custom-sized new windows in Dia before 1.9.0 on macOS could allow an attacker to spoof a trusted domain in the window title and mislead users about the current site...

7.4CVSS0.00237EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.6 views

Dia security vulnerabilities

Dia is an AI-driven smart browser developed by Dia Company. Versions of Dia prior to 1.9.0 contained a security vulnerability. This vulnerability stemmed from the absence of the about:blank indicator in new windows with custom sizes, which could allow attackers to deceive trusted domains and...

7.4CVSS5.8AI score0.00237EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/16 12:0 a.m.11 views

PT-2026-3271

Name of the Vulnerable Software and Affected Versions Dia versions prior to 1.9.0 Description A flaw exists in Dia that, on macOS, could allow an attacker to spoof a trusted domain in the window title of custom-sized new windows. This could mislead users about the current site due to a missing...

7.4CVSS6.2AI score0.00237EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/11/25 3:48 p.m.9 views

CVE-2025-13132

A flaw was found in dia. This vulnerability allows users to be misled about the current site via a malicious site rendering a fake user interface UI without a full-screen notification...

7.4CVSS6.3AI score0.00212EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/21 12:0 a.m.6 views

The Browser Company of New York Dia 安全漏洞

The Browser Company of New York Dia is an AI browser from The Browser Company of New York, USA. A security vulnerability exists in The Browser Company of New York Dia prior to version 1.6, which stems from a lack of notification alerts in full-screen mode and could lead to users being misled...

7.4CVSS6.5AI score0.00212EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/12 10:25 p.m.2 views

EUVD-2025-137946

Malicious code in astam-ifst-dia npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 4:47 p.m.4 views

Malicious code in dia-27 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cd0769cac0a842fd220e0e01e01faa7f8cc1e51330080a63eb0b94900f5bc3d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 4:47 p.m.3 views

Malicious code in dia-29 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39ace05da76ee6137520277d1359ec38173497c04ac97a43a38e1e69b06e0c0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 4:47 p.m.3 views

Malicious code in dia-33 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9a357b449d33275aafbaee155b1658641cbb7cc3956bf69d0a83013fa79a790 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/12 4:47 p.m.3 views

MAL-2025-154313 Malicious code in dia-30 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eff1123100fa9c082f85bb48c95034eae67ab9c27c43f4cc1ca2b4f3abcb0525 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/12 4:47 p.m.3 views

MAL-2025-154331 Malicious code in dia-47 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67e3d096c1c4b2667da07b85edfa060ab4e7c7b5c10455f09327eb261f630ec3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/12 4:47 p.m.2 views

MAL-2025-154296 Malicious code in dia-15 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fdba0d2be064e26691b72b3dd34dc42756849707b82ffb36709cd5189002235 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/12 4:47 p.m.2 views

MAL-2025-154319 Malicious code in dia-36 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 372e77d612b0ec10fc69dbedfa115457bc9243f66a9d6110a642dde48fefe332 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/12 4:47 p.m.2 views

MAL-2025-154329 Malicious code in dia-45 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 763f572951c858607e292547d7632b5ec90401747022ccfade39b8ac400ab5b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
Rows per page
Query Builder