Lucene search
K

224 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-16966

Malware in sbrugna...

7.5CVSS8.4AI score0.02465EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2009-2416

Malware in sbrugna...

5.8CVSS6.2AI score0.01073EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-0726

Malware in sbrugna...

7.2CVSS6.4AI score0.00885EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2006-1472

Malware in sbrugna...

5CVSS6.4AI score0.01572EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-16235

Malicious code in bioql PyPI...

9.6CVSS9.4AI score0.00636EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-18111

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00417EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-5235

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.01022EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-11344

Malicious code in bioql PyPI...

9.4CVSS6.3AI score0.00915EPSS
Exploits0References5
Hacker One
Hacker One
added 2025/08/10 8:24 p.m.30 views

curl: Vulnerability Report: Local File Disclosure via file:// Protocol in cURL

Summary A security vulnerability has been identified that allows unauthorized local file system access via the file:// protocol in cURL, particularly when executed with elevated privileges e.g., sudo. This could lead to sensitive data exposure, including password hashes stored in /etc/shadow. Ste...

6.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-3909

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested emai...

8.1CVSS7.1AI score0.00363EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-23597

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. Given ...

6.5CVSS7.7AI score0.0034EPSS
Exploits0References2
OSV
OSV
added 2025/08/06 3:15 p.m.5 views

CVE-2025-50234

MCCMS v2.7.0 has an SSRF vulnerability located in the index method of the sys\apps\controllers\api\Gf.php file, where the pic parameter is processed. The pic parameter is decrypted using the sysauth$pic, 1 function, which utilizes a hard-coded key McEncryptionKey bD2voYwPpNuJ7B8, defined in the...

6.5CVSS6.3AI score0.00246EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2025/06/10 4:52 p.m.5 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

8.1CVSS7.5AI score0.00363EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/06/10 4:52 p.m.4 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

8.1CVSS7.5AI score0.00363EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/06/05 10:59 a.m.5 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

8.1CVSS7.5AI score0.00363EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/06/04 11:46 a.m.5 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

8.1CVSS7.5AI score0.00363EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/29 9:30 p.m.4 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

8.1CVSS7.5AI score0.00363EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/29 7:32 p.m.4 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

8.1CVSS7.5AI score0.00363EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 7:48 a.m.14 views

CVE-2024-20396

A vulnerability in the protocol handlers of Cisco Webex App could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability exists because the affected application does not safely handle file protocol handlers. An attacker could exploit this vulnerabili...

6.5CVSS7.1AI score0.00417EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:8 a.m.7 views

CVE-2022-43983

Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the HTML content passed to the Browsershot::html method does not contain URL's that use the file:// protocol...

8.2CVSS6.6AI score0.00635EPSS
Exploits1References1
Rows per page
Query Builder