10 matches found

AstraLinux
added 2026/05/20 5:53 a.m., 5 views

Astra Linux - vulnerability in webkit2gtk

Description: A cross-origin issue with iframe elements was addressed by improving the tracking of security origins. This issue is fixed in tvOS 14.6, iOS 14.6, iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, and watchOS 7.5. Processing maliciously crafted web content may lead to cross-site...

CVSS 6.1, AI score 6.6, EPSS 0.0061
Exploits: 0, References: 1

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2020-16116

Malware in sbrugna...

CVSS 6.1, AI score 6.3, EPSS 0.00207
Exploits: 1, References: 2

EUVD
added 2025/10/03 8:07 p.m., 2 views

EUVD-2021-8141

Malicious code in bioql PyPI...

CVSS 6.1, AI score 5.6, EPSS 0.00301
Exploits: 0, References: 3

Tenable Nessus
added 2025/08/30 12:00 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2018-4319

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-origin issue existed with iframe elements. This was addressed with improved tracking of security origins. This issue affected versions prior to iOS 12,...

CVSS 8.1, AI score 7.7, EPSS 0.00315
Exploits: 0, References: 2

CVE
added 2025/06/09 12:36 p.m., 52 views

CVE-2025-48877

Summary: CVE-2025-48877 affects Discourse. Before the patched releases, Codepen could be present in the default allowed_iframes site setting, potentially auto-running arbitrary JS in the iframe scope. Affected versions (as stated): Discourse < 3.4.4 (stable), < 3.5.0.beta5 (beta), and

CVSS 9.8, AI score 6.4, EPSS 0.0069
Exploits: 0, References: 1, Affected Software: 1

RedhatCVE
added 2025/05/23 12:01 a.m., 6 views

CVE-2022-24733

Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, it is possible for a page controlled by an attacker to load the website within an iframe. This will enable a clickjacking attack, in which the attacker's page overlays the target application's interface wi...

CVSS 6.1, AI score 6.5, EPSS 0.00285
Exploits: 0, References: 1

Cvelist
added 2025/03/31 10:23 p.m., 8 views

CVE-2025-24208

A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4. Loading a malicious iframe may lead to a cross-site scripting attack...

EPSS 0.00141
Exploits: 0, References: 2

RedHat Linux
added 2024/10/31 7:48 p.m., 3 views

firefox: thunderbird: Confusing display of origin for external protocol handler prompt

The Mozilla Foundation's Security Advisory: The origin of an external protocol handler prompt could be obscured using a data: URL within an iframe...

CVSS 5.4, AI score 7.3, EPSS 0.00419
Exploits: 0, References: 9

OSV
added 2022/12/22 8:15 p.m., 5 views

CVE-2022-22759

If a document created a sandboxed iframe without allow-scripts, and subsequently appended an element to the iframe's document that e.g. had a JavaScript event handler - the event handler would have run despite the iframe's sandbox. This vulnerability affects Firefox 97, Thunderbird 91.6, and...

CVSS 9.6, AI score 8.6
Exploits: 0, References: 4

Vulnrichment
added 2022/06/02 6:25 p.m., 5 views

CVE-2022-31024 Federated editing allows iframing remote servers by default in richdocuments

richdocuments is the repository for NextCloud Collabra, the app for Nextcloud Office collaboration. Prior to versions 6.0.0, 5.0.4, and 4.2.6, a user could be tricked into working against a remote Office by sending them a federated share. richdocuments versions 6.0.0, 5.0.4 and 4.2.6 contain a fi...

CVSS 6.5, AI score 6.5, EPSS 0.00138
Exploits: 0, References: 3