Lucene search

634 matches found

Hacker One
added 2016/08/22 11:27 a.m., 12 views

Gratipay: Cross Site Scripting In Profile Statement

Hey Sir, I have found Cross Site Scripting (XSS) vulnerabilities in updating profile statement. This is Advance XSS Script. You can see it XSS-Gratipay.txt You can also see it live here: https://gratipay.com/MuhaddiMu/ Steps to produce: 1. Login To Your Account. 2. Click on Edit Statement 3. Copy and...

AI score: 6.1
Exploits: 0
hackapp
added 2016/04/01 9:7 a.m., 16 views

Quick Photo Paste - Base64 encoded String, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Quick Photo Paste published at the 'play' market has multiple vulnerabilities...

AI score: 0.7
Exploits: 0 | References: 1 | Affected Software: 1
hackapp
added 2016/04/01 9:6 a.m., 21 views

Cut Paste Photos - Customized SSL, Dynamic Code Loading, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application Cut Paste Photos published at the 'play' market has multiple vulnerabilities...

AI score: 0.4
Exploits: 0 | References: 1 | Affected Software: 1
Tenable Nessus
added 2016/03/04 12:0 a.m., 22 views

Fedora 23 : shellinabox-2.19-1.fc23 (2015-1c773e8702)

Added support for middle-click paste; improved iOS support; new logic to enable soft keyboard icon; disable HTTPS fallback using the URL /plain, which consequently disables automatic upgrades from HTTP to HTTPS (CVE-2015-8400). Note that Tenable Network Security has extracted the preceding description block...

CVSS: 7.4 | AI score: 7.2 | EPSS: 0.00556
Exploits: 0 | References: 4
Prion
added 2016/01/31 6:59 p.m., 12 views

Code injection

Mozilla Firefox before 44.0 allows user-assisted remote attackers to spoof a trailing substring in the address bar by leveraging a user's paste of a (1) wyciwyg: URI or (2) resource: URI...

CVSS: 4.3 | AI score: 6.8 | EPSS: 0.0082
Exploits: 0 | References: 9 | Affected Software: 3
Exploit DB
added 2015/11/02 12:0 a.m., 24 views

Sam Spade 1.14 - Crawl Website Buffer Overflow

Exploit Title : Sam Spade 1.14 - Buffer OverFlow Date : 10/30/2015 Exploit Author : MandawCoder Contact : [email protected] Vendor Homepage : http://samspade.org Software Link : http://www.majorgeeks.com/files/details/samspade.html Version : 1.14 Tested on : XP Professional SP3 En x86 Categor...

AI score: 7
Exploits: 0
0day.today
added 2015/10/10 12:0 a.m., 29 views

FreemakeVideo Converter 4.1.7 - Code Execution Vulnerability

Exploit for php platform in category web applications Exploit title : FreemakeVideo Converter - Remote Code Execution Vulnerability Date : 07/10/2015 Author : ZwX Vendor : http://www.freemake.com/ Software Link : http://www.freemake.com/freevideoconverter/ Version : 4.1.7 Tested on : Windows 7...

AI score: 7.1
Exploits: 0
OpenVAS
added 2015/10/06 12:0 a.m., 10 views

Oracle: Security Advisory (ELSA-2012-1206)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 5.1 | AI score: 6.5 | EPSS: 0.01239
Exploits: 0 | References: 2
Exploit DB
added 2015/09/07 12:0 a.m., 33 views

VeryPDF HTML Converter 2.0 - Local Buffer Overflow (SEH/ToLower() Bypass)

Exploit Title: VeryPDF HTML Converter v2.0 SEH/ToLower Bypass Buffer Overflow Date: 9-6-2015 Target tested: Windows 7 x86/x64 Software Link: http://www.verypdf.com/htmltools/winhtmltools.exe Exploit Author: Robbie Corley Contact: [email protected] Website: CVE: Category: Local Exploit...

AI score: 7
Exploits: 0
securityvulns
added 2015/08/24 12:0 a.m., 52 views

[USN-2705-1] Keystone vulnerabilities

Ubuntu Security Notice USN-2705-1, August 06, 2015: python-keystoneclient, python-keystonemiddleware vulnerabilities. A security issue affects these...

CVSS: 4.3 | AI score: 1.3 | EPSS: 0.00643
Exploits: 0
Ubuntu
added 2015/08/06 4:10 a.m., 49 views

USN-2705-1: Keystone vulnerabilities

Qin Zhao discovered Keystone disabled certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct machine-in-the-middle attacks via a crafted certificate. (CVE-2014-7144) Brant Knudson...

CVSS: 4.3 | AI score: 5.3 | EPSS: 0.00643
Exploits: 0
OSV
added 2015/08/06 4:10 a.m., 2 views

USN-2705-1 python-keystoneclient, python-keystonemiddleware vulnerabilities

Qin Zhao discovered Keystone disabled certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct machine-in-the-middle attacks via a crafted certificate. (CVE-2014-7144) Brant Knudson...

CVSS: 4.3 | AI score: 5.8 | EPSS: 0.00643
Exploits: 0 | References: 3
ThreatPost
added 2015/06/25 11:38 a.m., 12 views

Stolen U.S. Government Credentials Found Online

Credentials stolen in breaches and sundry hacks belonging to close to 100 unique U.S. government domains are scattered among a number of paste sites and are searchable in other locations online. Analysts at Recorded Future said on Wednesday that through open source intelligence gathering and...

AI score: 0.2
Exploits: 0 | References: 6
PyPA
added 2015/04/17 5:59 p.m., 4 views

PYSEC-2015-30

The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct...

CVSS: 4.3 | AI score: 7 | EPSS: 0.00643
Exploits: 0 | References: 7 | Affected Software: 1
PyPA
added 2015/04/17 5:59 p.m., 4 views

PYSEC-2015-31

The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct...

CVSS: 4.3 | AI score: 7 | EPSS: 0.00643
Exploits: 0 | References: 7 | Affected Software: 1
OSV
added 2015/04/17 5:59 p.m., 21 views

PYSEC-2015-30

The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct...

CVSS: 4.3 | AI score: 5.3 | EPSS: 0.003
Exploits: 0 | References: 7
Debian CVE
added 2015/04/17 5:0 p.m., 22 views

CVE-2015-1852

The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct...

CVSS: 4.3 | AI score: 6.9 | EPSS: 0.003
Exploits: 0
OSV
added 2015/04/17 12:0 a.m., 0 views

UBUNTU-CVE-2015-1852

The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct...

CVSS: 4.3 | AI score: 5.8 | EPSS: 0.003
Exploits: 0 | References: 4
Tenable Nessus
added 2015/03/27 12:0 a.m., 45 views

Fedora 20 : nx-libs-3.5.0.29-1.fc20 (2015-3964)

Update to 3.5.0.29 : - further reduction of code size by Mike Gabriel - /.x2go/config/keystrokes.cfg, /etc/x2go/keystrokes.cfg and /etc/nxagent/keystrokes.cfg are now respected thanks to Horst Schirmeier - security fixes for CVE-2011-2895, CVE-2011-4028, CVE-2013-4396, CVE-2013-6462, CVE-2014-020...

CVSS: 9.3 | AI score: 6.9 | EPSS: 0.12029
Exploits: 1 | References: 1
Tenable Nessus
added 2015/03/23 12:0 a.m., 35 views

Fedora 22 : nx-libs-3.5.0.29-1.fc22 (2015-3953)

Update to 3.5.0.29 : - further reduction of code size by Mike Gabriel - /.x2go/config/keystrokes.cfg, /etc/x2go/keystrokes.cfg and /etc/nxagent/keystrokes.cfg are now respected thanks to Horst Schirmeier - security fixes for CVE-2011-2895, CVE-2011-4028, CVE-2013-4396, CVE-2013-6462, CVE-2014-020...

CVSS: 9.3 | AI score: 6.9 | EPSS: 0.12029
Exploits: 1 | References: 1