Lucene search

6 matches found

Cvelist
added 2024/10/09 6:12 p.m. · 14 views

CVE-2024-47812 Cross-site Scripting (XSS) on Special:RequestImportQueue when displaying request date in ImportDump

ImportDump is an extension for MediaWiki designed to automate user import requests. Anyone who can edit the interface strings of a wiki (typically administrators and interface admins) can embed XSS payloads in the messages for dates, and thus XSS anyone who views Special:RequestImportQueue. This...

CVSS 6 · EPSS 0.00144
Exploits: 0 · References: 3
Vulnrichment
added 2024/10/09 6:12 p.m. · 11 views

CVE-2024-47812 Cross-site Scripting (XSS) on Special:RequestImportQueue when displaying request date in ImportDump

ImportDump is an extension for MediaWiki designed to automate user import requests. Anyone who can edit the interface strings of a wiki (typically administrators and interface admins) can embed XSS payloads in the messages for dates, and thus XSS anyone who views Special:RequestImportQueue. This...

CVSS 6 · AI score 6.1 · EPSS 0.00144
Exploits: 0 · References: 3
OSV
added 2024/08/15 1:19 p.m. · 0 views

USN-6963-1 gnome-shell vulnerability

It was discovered that GNOME Shell incorrectly opened the portal helper automatically when detecting a captive network portal. A remote attacker could possibly use this issue to load arbitrary web pages containing JavaScript, leading to resource consumption or other attacks...

CVSS 6.5 · AI score 6 · EPSS 0.00184
Exploits: 0 · References: 2
Positive Technologies
added 2024/04/02 12:00 a.m. · 3 views

PT-2024-3797 · Mozilla · Firefox

Name of the Vulnerable Software and Affected Versions: Firefox for iOS versions prior to 124
Description: The issue is related to insufficient input validation when dragging URL addresses into the address bar, allowing a remote attacker to bypass security restrictions and load arbitrary pages. Th...

CVSS 7.5 · AI score 6.8 · EPSS 0.00104
Exploits: 0 · References: 5
Debian CVE
added 2018/06/11 9:00 p.m. · 27 views

CVE-2018-5167

The web console and JavaScript debugger do not sanitize all output that can be hyperlinked. Both will display "chrome:" links as active, clickable hyperlinks in their output. Web sites should not be able to directly link to internal chrome pages. Additionally, the JavaScript debugger will display...

CVSS 4.3 · AI score 7 · EPSS 0.00646
Exploits: 0
RedHat Linux
added 2017/09/12 3:41 a.m. · 0 views

chromium-browser: bypass of content security policy in blink

Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, failed to correctly propagate CSP restrictions to javascript scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page...

CVSS 4.3 · AI score 7.4 · EPSS 0.00329
Exploits: 0 · References: 5