Lucene search
K

23 matches found

OSV
OSV
added 2026/05/08 11:25 p.m.10 views

GHSA-MGHP-5CQ4-V6MG Snipe-IT has an open redirect vulnerability

Open redirect vulnerability in Snipe-IT allows attackers to redirect users to malicious sites via unvalidated HTTP Referer header stored in session variable. Impact - Phishing: Redirect users to fake login pages to steal credentials - Session Hijacking: Redirect to attacker site that captures...

5.9CVSS5.8AI score0.00163EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2016-2491

Malware in sbrugna...

7.4CVSS7.5AI score0.01002EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-10916

Malware in sbrugna...

6.5CVSS7.6AI score0.00719EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/23 7:32 a.m.8 views

CVE-2024-22202

phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. phpMyFAQ's user removal page allows an attacker to spoof another user's detail, and in turn make a compelling phishing case for removing another user's account. The front-end of this page doesn'...

6.5CVSS6.7AI score0.00587EPSS
Exploits1References1
OSV
OSV
added 2025/05/22 4:54 p.m.7 views

CVE-2025-47779 Using malformed From header can forge identity with ";" or NULL in name portion

Asterisk is an open-source private branch exchange PBX. Prior to versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk, SIP requests of the type MESSAGE RFC 3428 authentication do not get proper alignment. An authenticated attacker...

7.7CVSS6.3AI score0.00418EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/05/15 7:50 p.m.8 views

CVE-2025-47789 Horilla Open Redirect Vulnerability in Login

Horilla is a free and open source Human Resource Management System HRMS. In versions up to and including 1.3, an attacker can craft a Horilla URL that refers to an external domain. Upon clicking and logging in, the user is redirected to an external domain. This allows the redirection to any...

6.1CVSS6.3AI score0.00191EPSS
Exploits0References2
hivepro
hivepro
added 2025/05/08 3:41 p.m.11 views

One Click Could Cost You Everything – Even Your Smartest Employee Might Be the Biggest Security Risk!

Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Click right here to hear it all on CAASM & CDMB Inefficiencies! Introduction: The Persistent Threa...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/20 11:21 a.m.19 views

PCI DSS 4.0 Mandates DMARC By 31st March 2025

The payment card industry has set a critical deadline for businesses handling cardholder data or processing payments- by March 31, 2025, DMARC implementation will be mandatory! This requirement highlights the importance of preventative measures against email fraud, domain spoofing, and phishing i...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 7:0 p.m.9 views

CVE-2022-35953

BookWyrm is a social network for tracking your reading, talking about books, writing reviews, and discovering what to read next. Some links in BookWyrm may be vulnerable to tabnabbing, a form of phishing that gives attackers an opportunity to redirect a user to a malicious site. The issue was...

7.1CVSS6.5AI score0.00492EPSS
Exploits1References1
Malwarebytes
Malwarebytes
added 2022/12/20 5:0 a.m.23 views

Restaurant platform SevenRooms confirms data breach

SevenRooms, a "guest experience and retention platform" for food establishments and hospitality organisations, has confirmed it has fallen victim to a third party vendor data breach. Mostly known for its customer management platform, Seven Rooms' breach came to light after stolen data was seen fo...

7AI score
Exploits0
HackRead
HackRead
added 2022/09/04 3:25 p.m.24 views

Hoxhunt Primed to Spread Gamified Phishing Awareness in the Enterprise

By Owais Sultan Given the potent and rising threat of phishing, enterprises need an effective program that delivers real results. This is a post from HackRead.com Read the original post: Hoxhunt Primed to Spread Gamified Phishing Awareness in the Enterprise...

2.8AI score
Exploits0
Github Security Blog
Github Security Blog
added 2022/05/24 4:47 p.m.23 views

Rancher Login Parameter Can Be Edited

A vulnerability exists in Rancher 2.1.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legitimate users to visit...

4.7CVSS7.1AI score0.02263EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2020/12/09 1:15 a.m.8 views

CVE-2020-26953

It was possible to cause the browser to enter fullscreen mode without displaying the security UI; thus making it possible to attempt a phishing attack or otherwise confuse the user. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

4.3CVSS7.9AI score
Exploits0References4
Malwarebytes
Malwarebytes
added 2018/12/04 5:20 p.m.74 views

Humble Bundle alerts customers to subscription reveal bug

You’ll want to check your mailbox if you have a Humble Bundle account, as they’re notifying some customers of a bug used to gather subscriber information. Click to enlarge The mail reads as follows: Hello, Last week, we discovered someone using a bug in our code to access limited non-personal...

7.1AI score
Exploits0
Cisco Threats
Cisco Threats
added 2017/10/12 1:3 p.m.25 views

Threat Outbreak Alert RuleID30948: Email Messages Distributing Malicious Software on October 12, 2017

Medium Alert ID: 55593 First Published: 2017 October 12 13:03 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID30948 may contain the following files: Name |...

Exploits0
Cisco Threats
Cisco Threats
added 2017/05/23 3:6 p.m.9 views

Threat Outbreak Alert RuleID29215: Email Messages Distributing Malicious Software on May 23, 2017

Medium Alert ID: 53926 First Published: 2017 May 23 15:06 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID29215 may contain the following files: Name | Size...

0.6AI score
Exploits0
Cisco Threats
Cisco Threats
added 2015/09/02 1:41 p.m.6 views

Threat Outbreak Alert RuleID17690: Email Messages Distributing Malicious Software on September 1, 2015

Medium Alert ID: 40761 First Published: 2015 September 2 13:41 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID17690 may contain the following files: Name |...

0.4AI score
Exploits0
Cisco Threats
Cisco Threats
added 2015/02/19 9:55 p.m.8 views

Threat Outbreak Alert RuleID13633: Email Messages Distributing Malicious Software on February 19, 2015

Medium Alert ID: 37522 First Published: 2015 February 19 21:55 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID13633 may contain the following files: Name |...

0.4AI score
Exploits0
Cisco Threats
Cisco Threats
added 2014/01/27 2:34 p.m.14 views

Threat Outbreak Alert: Fake Product Purchase Order Request Email Messages on January 26, 2014

Medium Alert ID: 32575 First Published: 2014 January 27 14:34 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a product purchase order request. The text in the email message attempts to convince the recipient to open the...

0.5AI score
Exploits0
Cisco Threats
Cisco Threats
added 2013/06/14 12:58 p.m.8 views

Threat Outbreak Alert: Fake Shipment Invoice Notification Email Messages on June 13, 2013

Low Alert ID: 29669 First Published: 2013 June 14 12:58 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a DHL shipment invoice. The text in the email message attempts to convince the recipient to open the attachment and...

0.3AI score
Exploits0
Rows per page
Query Builder