Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2024-2807

Malicious code in bioql PyPI...

8CVSS7.9AI score0.00093EPSS
Exploits0References7
RedhatCVE
RedhatCVEadded 2025/05/22 4:29 a.m.4 views

CVE-2011-4681

Opera before 11.60 does not properly consider the number of . dot characters that conventionally exist in domain names of different top-level domains, which allows remote attackers to bypass the Same Origin Policy by leveraging access to a different domain name in the same top-level domain, as...

5CVSS6.8AI score0.00246EPSS
Exploits0References1
OSV
OSVadded 2022/11/19 12:15 a.m.8 views

CVE-2022-30256

An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...

7.5CVSS7.4AI score0.00662EPSS
Exploits0References6
CNVD
CNVDadded 2020/11/19 12:0 a.m.1 views

Cisco IoT Field Network Director Access Control Error Vulnerability

Cisco IoT Field Network Director FND is a network management system for large-scale FAN deployments. An access control error vulnerability exists in the user management feature in Cisco IoT Field Network Director versions prior to 4.6.1. An attacker could exploit this vulnerability by manipulatin...

4.1CVSS6.5AI score0.00136EPSS
Exploits0References1
ThreatPost
ThreatPostadded 2018/08/15 8:42 p.m.24 views

Microsoft Cortana Flaw Allows Web Browsing on Locked PCs

As voice assistants like Alexa and Google Home gain traction in the smart-home market, they have also been under increased speculation around how they approach privacy. Now, researchers say they have discovered a newly-disclosed flaw in Microsoft’s Cortana assistant for Windows 10 machines that...

2.1CVSS1.2AI score0.00844EPSS
Exploits0References5
Hacker One
Hacker Oneadded 2018/07/26 6:56 p.m.36 views

Shopify: App messaging can be hijacked by third-party websites

The JavaScript code at https://cdn.shopify.com/s/assets/admin/index-c6e72fa910cd0182ab1d1e67ff823fb2e6ca61745c00797769410ce01aafc4d8.js installs a message event listener to receive messages from installed apps when these apps are displayed in a frame. The following check rejects invalid event...

Exploits0
NVD
NVDadded 2004/12/23 5:0 a.m.44 views

CVE-2004-0867

Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported that 2.x is also affected...

7.5CVSS6.5AI score0.03593EPSS
Exploits0References7
Cvelist
Cvelistadded 2002/08/01 4:0 a.m.22 views

CVE-2002-0815

The Javascript "Same Origin Policy" SOP, as implemented in 1 Netscape, 2 Mozilla, and 3 Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the...

6.2AI score0.01433EPSS
Exploits0References2
Rows per page
Query Builder