8 matches found

OSV
added 2025/05/15 7:23 p.m. · 5 views

GO-2025-3683 Vulnerable to CSRF due to non-functional same-origin request checks in github.com/justinas/nosurf

CVSS 6.1 · AI score 6.1 · EPSS 0.00044
Exploits 2 · References 5
Github Security Blog
added 2025/05/14 2:56 p.m. · 14 views

nosurf vulnerable to CSRF due to non-functional same-origin request checks

Impact: This vulnerability allows an attacker who controls content on the target site, or on a subdomain of the target site (either via XSS, or otherwise), to bypass Cross-Site Request Forgery checks and issue requests on the user's behalf. Details: Due to misuse of the Go net/http library, nosurf...

CVSS 6.1 · AI score 6.7 · EPSS 0.00044
Exploits 2 · References 7 · Affected Software 1
Vulnrichment
added 2025/05/13 3:29 p.m. · 9 views

CVE-2025-46721 nosurf vulnerable to CSRF due to non-functional same-origin request checks

nosurf is cross-site request forgery (CSRF) protection middleware for Go. A vulnerability in versions prior to 1.2.0 allows an attacker who controls content on the target site, or on a subdomain of the target site (either via XSS, or otherwise), to bypass CSRF checks and issue requests on user's behal...

CVSS 6 · AI score 6.4 · EPSS 0.00044
Exploits 2 · References 5
CNNVD
added 2023/05/31 12:0 a.m. · 0 views

Deno security vulnerability

Deno is an open source, simple, modern and secure JavaScript and TypeScript runtime environment. It uses V8 and is built with Rust. A security vulnerability exists in Deno version 1.34.0, deno_runtime version 0.114.0, which stems from an incorrectly checked outbound HTTP request made using the...

CVSS 9.8 · AI score 8.3 · EPSS 0.00332
Exploits 0 · References 3
CNNVD
added 2021/09/07 12:0 a.m. · 1 views

Github ulfius input validation error vulnerability

Github ulfius is the HTTP framework for REST applications in C. An input validation error vulnerability exists in ulfius, which stems from the con_info initialization of ulfius_uri_logger and con_info->request in the product failing to adequately check HTTP requests. The following products and version...

CVSS 9.8 · AI score 8.2 · EPSS 0.0275
Exploits 3 · References 6
Positive Technologies
added 2021/07/02 12:0 a.m. · 4 views

PT-2021-3598 · Php +10

Name of the Vulnerable Software and Affected Versions: PHP versions 7.3.x through 7.3.28, PHP versions 7.4.x through 7.4.20, PHP versions 8.0.x through 8.0.7. Description: The issue is related to the URL validation functionality via the filter_var function with the FILTER_VALIDATE_URL parameter. It...

CVSS 9.8 · AI score 6.9 · EPSS 0.94053
Exploits 106 · References 366
OSV
added 2019/10/16 6:15 p.m. · 0 views

ALPINE-CVE-2019-6474

A missing check on incoming client requests can be exploited to cause a situation where the Kea server's lease storage contains leases which are rejected as invalid when the server tries to load leases from storage on restart. If the number of such leases exceeds a hard-coded limit in the Kea cod...

CVSS 6.5 · AI score 6.7 · EPSS 0.01585
Exploits 0 · References 1
CVE
added 2019/02/19 5:0 p.m. · 252 views

CVE-2019-5778

CVE-2019-5778 affects Google Chrome/Chromium extensions. The available description states a missing case in handling special schemes during permission request checks in Extensions, allowing bypass of extension permission checks for privileged pages via a crafted Chrome Extension (pre 72.0.3626.81...

CVSS 6.5 · AI score 5.9 · EPSS 0.00465
Exploits 0 · References 7 · Affected Software 1