Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2025/06/15 5:19 p.m.3 views

CVE-2025-49583

XWiki is a generic wiki platform. When a user without script right creates a document with an XWiki.Notifications.Code.NotificationEmailRendererClass object, and later an admin edits and saves that document, the email templates in this object will be used for notifications. No malicious code can ...

5.1CVSS6.5AI score0.00043EPSS
Exploits1References1
Cvelist
Cvelistadded 2025/06/13 5:4 p.m.11 views

CVE-2025-49583 XWiki provides no warning when granting XWiki.Notifications.Code.NotificationEmailRendererClass admin right

XWiki is a generic wiki platform. When a user without script right creates a document with an XWiki.Notifications.Code.NotificationEmailRendererClass object, and later an admin edits and saves that document, the email templates in this object will be used for notifications. No malicious code can ...

5.1CVSS0.00043EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2024/08/30 12:0 a.m.4 views

PT-2025-25434 · Xwiki · Xwiki

Name of the Vulnerable Software and Affected Versions: XWiki versions prior to 15.10.16 XWiki versions prior to 16.4.7 XWiki versions prior to 16.10.2 Description: The issue affects XWiki, a generic wiki platform. It occurs when a user without script right creates a document with an...

5.1CVSS6.4AI score0.00043EPSS
Exploits1References12
Trend Micro Simply Security
Trend Micro Simply Securityadded 2021/08/18 12:0 a.m.8 views

Tokyo Olympics Leveraged in Cybercrime Attack

Just before the opening of the Tokyo Olympics, we confirmed an attack that directed users from a fake TV broadcast schedule page to browser notification spam...

3.3AI score
Exploits0
UbuntuCve
UbuntuCveadded 2006/11/29 2:28 a.m.62 views

CVE-2006-6168

tiki-register.php in TikiWiki before 1.9.7 allows remote attackers to trigger "notification-spam" via certain vectors such as a comma-separated list of addresses in the email field, related to lack of "a minimal check on email."...

7.5CVSS6AI score0.01829EPSS
Exploits0References1
CVE
CVEadded 2006/11/29 2:0 a.m.152 views

CVE-2006-6168

CVE-2006-6168 affects TikiWiki (tiki-register.php) versions before 1.9.7. The issue arises from insufficient validation of the email field, allowing remote attackers to trigger “notification-spam” via vectors such as a comma-separated list of addresses. The NVD lists a base score of 7.5 (HIGH) wi...

7.5CVSS6.6AI score0.01829EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2006/11/29 2:0 a.m.11 views

CVE-2006-6168

tiki-register.php in TikiWiki before 1.9.7 allows remote attackers to trigger "notification-spam" via certain vectors such as a comma-separated list of addresses in the email field, related to lack of "a minimal check on email."...

6.6AI score0.01829EPSS
Exploits0References3
Rows per page
Query Builder