Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2025/03/10 9:31 p.m.6 views

GHSA-PVMX-MJMH-JFCX Concrete CMS affected by a stored XSS in Folder Function.The "Add Folder" functionality

Concrete CMS versions 9.0.0 through 9.3.9 are affected by a stored XSS in Folder Function.The "Add Folder" functionality lacks input sanitization, allowing a rogue admin to inject XSS payloads as folder names. The Concrete CMS security team gave this vulnerability a CVSS 4.0 Score of 4.8 with...

4.8CVSS5.4AI score0.00156EPSS
Exploits0References5
OSV
OSVadded 2025/03/10 9:15 p.m.6 views

CVE-2025-0660

Concrete CMS versions 9.0.0 through 9.3.9 are affected by a stored XSS in Folder Function.The "Add Folder" functionality lacks input sanitization, allowing a rogue admin to inject XSS payloads as folder names. The Concrete CMS security team gave this vulnerability a CVSS 4.0 Score of 4.8 with...

4.8CVSS5.4AI score
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2024/04/29 12:0 a.m.19 views

Fedora 40 : thunderbird (2024-d8a0e599e2)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-d8a0e599e2 advisory. Update to 115.8.1 https://www.mozilla.org/en-US/security/advisories/mfsa2024-11/ read that if you have mails with encrypted email subjects...

7.5CVSS8.1AI score0.00357EPSS
Exploits1References2
RedHat Linux
RedHat Linuxadded 2024/03/25 8:11 p.m.1 views

Mozilla: Leaking of encrypted email subjects to other conversations

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the...

7.5CVSS7.3AI score0.00357EPSS
Exploits1References5
OSV
OSVadded 2024/03/04 10:15 p.m.3 views

CVE-2024-1936

The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the contaminated email message, the user might accidentally leak the confidential subject to a third-party. Whil...

7.5CVSS7.5AI score
Exploits0References3
NVD
NVDadded 2020/02/02 3:15 p.m.8 views

CVE-2020-8514

An issue was discovered in Rumpus 8.2.10 on macOS. By crafting a directory name, it is possible to activate JavaScript in the context of the web application after invoking the rename folder functionality...

6.1CVSS6.2AI score0.00288EPSS
Exploits1References2
OSV
OSVadded 2018/07/23 3:29 p.m.19 views

CVE-2018-1999008

October CMS version prior to build 437 contains a Cross Site Scripting XSS vulnerability in the Media module and create folder functionality that can result in an Authenticated user with media module permission creating arbitrary folder name with XSS content. This attack appear to be exploitable...

5.4CVSS5.4AI score
Exploits0References1
Rows per page
Query Builder