61 matches found

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2020-27964

Malware in sbrugna...

CVSS 8.1 | AI score 8.8 | EPSS 0.0313
Exploits: 0 | References: 20

Tenable Nessus
added 2023/09/07 12:0 a.m. | 23 views

Oracle Linux 6 : firefox (ELSA-2020-1339)

The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-1339 advisory. - Added fix for mozbz1348168/CVE-2017-5428 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

CVSS 9.8 | AI score 8.4 | EPSS 0.0313
Exploits: 2 | References: 3

Redos
added 2023/07/06 12:0 a.m. | 23 views

ROS-2-1176

2.1176 Vulnerability in firefox browser CVE-2020-6819 and CVE-2020-6820 1. Vulnerability description: Two critical vulnerabilities have been discovered that could lead to the execution of attacker code when processing specially formatted content. It is warned that facts of using these...

CVSS 8.1 | AI score 8 | EPSS 0.0313
Exploits: 1

RedHat Linux
added 2022/12/14 1:15 p.m. | 3 views

quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus

A vulnerability was found in Quarkus. The Quarkus CORS filter allows simple GET and POST requests with an invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest have no event listeners registered on the object returned by the XMLHttpRequest upload property, and have no...

CVSS 7.5 | AI score 7.4 | EPSS 0.00456
Exploits: 0 | References: 4

Veracode
added 2022/12/08 3:39 a.m. | 35 views

Cross-Origin Resource Sharing (CORS)

quarkus-vertx-http is vulnerable to an insecure cross-origin resource sharing CORS policy. The vulnerability exists because the XMLHttpRequest has no event listeners registered on the object returned by the XMLHttpRequest upload property, allowing an attacker to send malicious GET and POST reques...

CVSS 7.5 | AI score 7.9 | EPSS 0.00456
Exploits: 0 | References: 8 | Affected Software: 1

Github Security Blog
added 2022/12/06 9:30 p.m. | 27 views

Quarkus CORS filter allows simple GET and POST requests with an invalid Origin to proceed

Quarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest are the ones which have no event listeners registered on the object returned by the XMLHttpRequest upload property and have no ReadableStream object used in...

CVSS 7.5 | AI score 8 | EPSS 0.00456
Exploits: 0 | References: 5 | Affected Software: 1

OSV
added 2022/12/06 9:30 p.m. | 31 views

GHSA-9895-G6X5-XWCP Quarkus CORS filter allows simple GET and POST requests with an invalid Origin to proceed

Quarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest are the ones which have no event listeners registered on the object returned by the XMLHttpRequest upload property and have no ReadableStream object used in...

CVSS 7.5 | AI score 7.5 | EPSS 0.00456
Exploits: 0 | References: 5

NVD
added 2022/12/06 7:15 p.m. | 15 views

CVE-2022-4147

Quarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest are the ones which have no event listeners registered on the object returned by the XMLHttpRequest upload property and have no ReadableStream object used in...

CVSS 7.5 | EPSS 0.00456
Exploits: 0 | References: 1

Prion
added 2022/12/06 7:15 p.m. | 18 views

Cross site request forgery (csrf)

Quarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest are the ones which have no event listeners registered on the object returned by the XMLHttpRequest upload property and have no ReadableStream object used in...

CVSS 5.1 | AI score 7.9 | EPSS 0.00456
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2022/12/06 12:0 a.m. | 23 views

CVE-2022-4147

Quarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest are the ones which have no event listeners registered on the object returned by the XMLHttpRequest upload property and have no ReadableStream object used in...

AI score 7.8 | EPSS 0.00456
Exploits: 0 | References: 1

Positive Technologies
added 2022/12/06 12:0 a.m. | 1 views

PT-2022-25877 · Quarkus · Quarkus

Name of the Vulnerable Software and Affected Versions: Quarkus affected versions not specified Description: The Quarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. This issue affects simple GET or POST requests made with XMLHttpRequest, specifically those with ...

CVSS 7.5 | AI score 7.4 | EPSS 0.00456
Exploits: 0 | References: 9

OpenVAS
added 2022/01/28 12:0 a.m. | 20 views

Mageia: Security Advisory (MGASA-2020-0170)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 9.1 | EPSS 0.0313
Exploits: 1 | References: 8

OpenVAS
added 2021/11/08 12:0 a.m. | 17 views

Mozilla Firefox Security Advisory (MFSA2020-11) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

CVSS 8.1 | AI score 8.2 | EPSS 0.0313
Exploits: 1 | References: 6

CISA KEV Catalog
added 2021/11/03 12:0 a.m. | 13 views

Mozilla Firefox And Thunderbird Use-After-Free Vulnerability

Mozilla Firefox and Thunderbird contain a race condition vulnerability when handling a ReadableStream under certain conditions. The race condition creates a use-after-free vulnerability, causing unspecified impacts...

CVSS 8.1 | AI score 8 | EPSS 0.0313
In wild | Exploits: 0

Redos
added 2021/09/08 12:0 a.m. | 26 views

ROS-2-642

2.642 Vulnerability in firefox browser CVE-2020-6819 and CVE-2020-6820 1. Vulnerability description: Two critical vulnerabilities have been discovered that could lead to the execution of attacker code when processing specially formatted content. It is warned that facts of using these...

AI score 9 | EPSS 0.0313
Exploits: 1

Redos
added 2021/09/08 12:0 a.m. | 30 views

ROS-2-449

2.449 Vulnerability in firefox browser CVE-2020-6819 and CVE-2020-6820 1. Vulnerability description: Two critical vulnerabilities have been discovered that could lead to the execution of attacker code when processing specially formatted content. It is warned that facts of using these...

CVSS 8.1 | AI score 8 | EPSS 0.92579
Exploits: 82

Redos
added 2021/09/08 12:0 a.m. | 28 views

ROS-2-806

2.806 Vulnerability in firefox browser CVE-2020-6819 and CVE-2020-6820 1. Vulnerability description: Two critical vulnerabilities have been discovered that could lead to the execution of attacker code when processing specially formatted content. It is warned that facts of using these...

CVSS 8.1 | AI score 8.1 | EPSS 0.0313
Exploits: 1

Redos
added 2021/09/08 12:0 a.m. | 17 views

ROS-2-1224

2.1224 Vulnerability in firefox browser CVE-2020-6819 and CVE-2020-6820 1. Vulnerability description: Two critical vulnerabilities have been discovered that could lead to the execution of attacker code when processing specially formatted content. It is warned that facts of using these...

CVSS 8.1 | AI score 8.1 | EPSS 0.0313
Exploits: 1

Tenable Nessus
added 2021/02/01 12:0 a.m. | 46 views

CentOS 8 : thunderbird (CESA-2020:1495)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:1495 advisory. - Mozilla: Use-after-free while running the nsDocShell destructor CVE-2020-6819 - Mozilla: Use-after-free when handling a ReadableStream CVE-2020-6820 ...

CVSS 9.8 | AI score 8.2 | EPSS 0.0313
Exploits: 1 | References: 6

Cent OS
added 2020/04/28 12:21 a.m. | 130 views

thunderbird security update

CentOS Errata and Security Advisory CESA-2020:1488 An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CVSS 9.8 | AI score 7.1 | EPSS 0.0313
Exploits: 1 | References: 7