8 matches found

FreeBSD
added 2023/04/19 12:0 a.m. | 48 views

Grafana -- Critical vulnerability in golang

Grafana Labs reports: An issue in how Go handles backticks with JavaScript can lead to an injection of arbitrary code into Go templates. While Grafana Labs software contains potentially vulnerable versions of Go, we have not identified any exploitable use cases at this time. The CVSS score for th...

CVSS 9.8 | AI score 9.8 | EPSS 0.00759
Exploits: 0 | References: 1

Cvelist
added 2022/12/22 12:0 a.m. | 34 views

CVE-2022-26485

Removing an XSLT parameter during processing could have led to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, Thunderbird 91.6.2, and Focus 97.3.0...

AI score 8.6 | EPSS 0.02853
Exploits: 1 | References: 2

UbuntuCve
added 2022/03/06 12:0 a.m. | 49 views

CVE-2022-26485

Removing an XSLT parameter during processing could have led to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, Thunderbird 91.6.2, and Focus 97.3.0...

CVSS 8.8 | AI score 7.1 | EPSS 0.02853
Exploits: 1 | References: 4

UbuntuCve
added 2020/11/10 12:0 a.m. | 22 views

CVE-2020-26950

In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox 82.0.3, Firefox ESR 78.4.1, and Thunderbird 78.4.2...

CVSS 9.3 | AI score 7.2 | EPSS 0.48274
Exploits: 4 | References: 4

NVD
added 2020/02/25 4:15 p.m. | 10 views

CVE-2019-5139

An exploitable use of hard-coded credentials vulnerability exists in multiple iw utilities of the Moxa AWK-3131A firmware version 1.13. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts...

CVSS 7.1 | AI score 6.7 | EPSS 0.0013
Exploits: 1 | References: 1

Talos Blog
added 2019/10/09 7:30 a.m. | 93 views

Vulnerability Spotlight: Multiple remote code execution bugs in NitroPDF

Cory Duplantis and Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered multiple remote code execution vulnerabilities in NitroPDF. Nitro PDF allows users to save, read, sign and edit PDF files on their machines. There are two versions of the product...

CVSS 6.8 | AI score 1.2 | EPSS 0.00237
Exploits: 6

Cvelist
added 2019/09/18 8:16 p.m. | 18 views

CVE-2019-5066

An exploitable use-after-free vulnerability exists in the way LZW-compressed streams are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free condition. To trigger this vulnerability, a specifically crafted PDF document nee...

CVSS 9.8 | AI score 9.5 | EPSS 0.00619
Exploits: 1 | References: 1

Prion
added 2018/05/19 5:29 p.m. | 18 views

Design/Logic Flaw

Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Use-After-Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user...

CVSS 9.3 | AI score 8.8 | EPSS 0.01554
Exploits: 0 | References: 5 | Affected Software: 2