
49 matches found

CNNVD
added 2024/12/12 12:0 a.m., 3 views

Hush Line security vulnerability

Hush Line is a free open source anonymous tip line service from Science & Design Open Source. A security vulnerability exists in Hush Line version 0.1.0 through versions prior to 0.3.5, which stems from a production server misconfiguration that does not provide any content security policy or...

7.1 CVSS, 5.9 AI score, 0.00294 EPSS
Exploits 0, References 2
OSV
added 2024/10/23 3:15 p.m., 5 views

CVE-2024-30122

HCL Sametime is impacted by misconfigured security related HTTP headers. It was identified that some HTTP headers were missing on web service responses. This will lead to less secure browser default treatment for the policies controlled by these headers...

5.3 CVSS, 5.8 AI score, 0.00214 EPSS
Exploits 0, References 1
OSV
added 2023/12/12 10:15 a.m., 26 views

CVE-2023-4958

In Red Hat Advanced Cluster Security RHACS, it was found that some security related HTTP headers were missing, allowing an attacker to exploit this with a clickjacking attack. An attacker could exploit this by convincing a valid RHACS user to visit an attacker-controlled web page, that deceptivel...

6.1 CVSS, 6.8 AI score, 0.00533 EPSS
Exploits 0, References 3
Huntr
added 2023/02/09 2:23 p.m., 20 views

Vulnerable to clickjacking

Description: Vulnerable to clickjacking. Proof of Concept: 1. Create an iframe.html with below contents: The iframe element. 2. Open with Firefox and note that the frame is loaded, which is potentially vulnerable to clickjacking due to missing x-frame-options security headers...

5.8 CVSS, 5.6 AI score, 0.00373 EPSS
Exploits 1
OSV
added 2022/06/14 10:15 a.m., 1 views

CVE-2022-27220

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.0 SP2. Affected application is missing general HTTP security headers in the web server configured on port 6220. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks...

4.3 CVSS, 5.7 AI score
Exploits 0, References 1
NVD
added 2022/04/12 9:15 a.m., 11 views

CVE-2022-25755

A vulnerability has been identified in SCALANCE X302-7 EEC 230V, SCALANCE X302-7 EEC 230V, coated, SCALANCE X302-7 EEC 24V, SCALANCE X302-7 EEC 24V, coated, SCALANCE X302-7 EEC 2x 230V, SCALANCE X302-7 EEC 2x 230V, coated, SCALANCE X302-7 EEC 2x 24V, SCALANCE X302-7 EEC 2x 24V, coated, SCALANCE...

7.5 CVSS, 0.0124 EPSS
Exploits 0, References 1
Prion
added 2020/04/06 2:15 p.m., 26 views

Design/Logic Flaw

A vulnerability was found in all versions of Keycloak where the pages on the Admin Console area of the application are completely missing general HTTP security headers in HTTP responses. This does not directly lead to a security issue, yet it might aid attackers in their efforts to exploit other...

5.8 CVSS, 6.2 AI score, 0.00764 EPSS
Exploits 0, References 1, Affected Software 2
OSV
added 2019/09/10 4:15 p.m., 4 views

CVE-2019-5503

OnCommand Workflow Automation versions prior to 5.0 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors...

5.3 CVSS, 6.1 AI score, 0.00694 EPSS
Exploits 0, References 1
Kitploit
added 2018/06/18 2:9 p.m., 206 views

VOOKI - Web Application Vulnerability Scanner

Vooki is a free web application vulnerability scanner. Vooki is a user-friendly tool with which you can easily scan any web application and find the vulnerabilities. Vooki includes Web Application Scanner, Rest API Scanner, and reporting section. Vooki – Web Application Scanner can help you to find the...

7 AI score
Exploits 0