
7 matches found

Positive Technologies
added 2024/10/09 12:0 a.m. · 2 views

PT-2024-7663 · Curl +9

Name of the Vulnerable Software and Affected Versions: curl versions prior to 8.10.1. Description: The issue is related to the implementation of the HSTS (HTTP Strict Transport Security) mechanism in the curl utility. When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a...

CVSS 8.6 · AI score 6.8 · EPSS 0.02015
Exploits 8 · References 100
Metasploit
added 2023/08/02 7:50 p.m. · 180 views

OSX Meterpreter, Reverse HTTPS Inline

Run the Meterpreter / Mettle server payload stageless Module Options msf use payload/osx/aarch64/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show and set...

AI score 7.1
Exploits 0
Tenable Nessus
added 2022/08/22 12:0 a.m. · 30 views

Debian dla-3079 : jetty9 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3079 advisory. Debian LTS Advisory DLA-3079-1 [email protected]...

CVSS 7.5 · AI score 7.1 · EPSS 0.01047
Exploits 0 · References 6
OSV
added 2020/07/09 3:15 p.m. · 0 views

UBUNTU-CVE-2020-12412

By navigating a tab using the history API, an attacker could cause the address bar to display the incorrect domain with the https:// scheme, a blocked port number such as '1', and without a lock icon while controlling the page contents. This vulnerability affects Firefox 70...

CVSS 4.3 · AI score 5.8 · EPSS 0.00284
Exploits 0 · References 4
Tenable Nessus
added 2018/11/23 12:0 a.m. · 30 views

Debian DLA-1585-1 : ruby-rack security update

It was discovered that there was an XSS vulnerability in the ruby-rack web-server library. A malicious request could impact the HTTP/HTTPS scheme being returned to the underlying application. For Debian 8 'Jessie', this issue has been fixed in ruby-rack version 1.5.2-3+deb8u2. We recommend that y...

CVSS 6.1 · AI score 6.5 · EPSS 0.00829
Exploits 0 · References 3
Debian
added 2018/11/21 1:27 p.m. · 223 views

[SECURITY] [DLA 1585-1] ruby-rack security update

Package : ruby-rack Version : 1.5.2-3+deb8u2 CVE ID : CVE-2018-16471 Debian Bug : 913005 It was discovered that there was an XSS vulnerability in the ruby-rack web-server library. A malicious request could impact the HTTP/HTTPS scheme being returned to the underlying application. For Debian 8...

CVSS 6.1 · AI score 6.2 · EPSS 0.00829
Exploits 0
OSV
added 2018/09/18 2:29 a.m. · 1 views

CVE-2018-16955

The login function of Oracle WebCenter Interaction Portal 10.3.3 is vulnerable to reflected cross-site scripting (XSS). The content of the inhiredirect parameter, when prefixed with the https:// scheme, is unsafely reflected in an HTML META tag in the HTTP response. NOTE: this CVE is assigned by MIT...

CVSS 6.1 · AI score 5.7 · EPSS 0.00179
Exploits 0 · References 2