Lucene search

7077 matches found

CVE
added 2023/10/31 12:0 a.m. · 38 views

CVE-2019-25155

DOMPurify before 1.0.11 is affected by a reverse tabnabbing issue in demos/hooks-target-blank-demo.html due to missing rel="noopener noreferrer" on links. This is the concrete vulnerability described across CVE-2019-25155 entries: the root cause is the absence of a security attribute on target-bl...

CVSS 6.1 · AI score 6.1 · EPSS 0.0046
Exploits: 0 · References: 2 · Affected Software: 1

GithubExploit
added 2023/10/25 5:10 p.m. · 453 views

Exploit for CVE-2023-38646

CVE-2023-38646 Python script to exploit CVE-2023-38646 Metabas...

CVSS 9.8 · AI score 9.8 · EPSS 0.97924
Exploits: 36

RedhatCVE
added 2023/10/24 3:27 a.m. · 203 views

CVE-2023-45648

A flaw was found in Apache Tomcat, where an improper input validation can occur. This flaw allows a malicious user to send a crafted request containing an invalid trailer header, which could be treated as multiple requests, potentially leading to request smuggling when behind a reverse proxy...

CVSS 5.3 · AI score 5.8 · EPSS 0.05848
Exploits: 2 · References: 5

NVD
added 2023/10/22 2:15 a.m. · 16 views

CVE-2023-38735

IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 262482...

CVSS 6.5 · AI score 6.1 · EPSS 0.00521
Exploits: 0 · References: 2

OSV
added 2023/10/22 2:15 a.m. · 3 views

CVE-2023-38735

IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 262482...

CVSS 6.5 · AI score 5.8 · EPSS 0.00521
Exploits: 0 · References: 2

Prion
added 2023/10/22 2:15 a.m. · 15 views

Security feature bypass

IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 262482...

CVSS 4.3 · AI score 6.5 · EPSS 0.00521
Exploits: 0 · References: 2 · Affected Software: 1

Cvelist
added 2023/10/22 1:5 a.m. · 18 views

CVE-2023-38735 IBM Cognos Dashboards improper authentication

IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 262482...

CVSS 5.7 · AI score 6.5 · EPSS 0.00521
Exploits: 0 · References: 2

Vulnrichment
added 2023/10/22 1:5 a.m. · 12 views

CVE-2023-38735 IBM Cognos Dashboards improper authentication

IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 262482...

CVSS 5.7 · AI score 6.6 · EPSS 0.00521
Exploits: 0 · References: 2

CNNVD
added 2023/10/22 12:0 a.m. · 3 views

IBM Cognos Dashboards on Cloud Pak for Data Authorization Issues Vulnerability

IBM Cognos Dashboards on Cloud Pak for Data is a business intelligence tool from International Business Machines (IBM). A security vulnerability exists in IBM Cognos Dashboards on Cloud Pak for Data version 4.7.0, which stems from a vulnerability that could allow a remote attacker to bypass securit...

CVSS 6.5 · AI score 6.6 · EPSS 0.00521
Exploits: 0 · References: 3

Positive Technologies
added 2023/10/21 12:0 a.m. · 5 views

PT-2023-7181 · Ibm · Ibm Cognos Dashboards On Cloud Pak For Data

Name of the Vulnerable Software and Affected Versions: IBM Cognos Dashboards on Cloud Pak for Data version 4.7.0 Description: The issue is caused by a reverse tabnabbing flaw, which could allow a remote attacker to bypass security restrictions. An attacker could exploit this and redirect a victim...

CVSS 7.8 · AI score 6.5 · EPSS 0.00521
Exploits: 0 · References: 9

GithubExploit
added 2023/10/20 3:21 p.m. · 354 views

Exploit for CVE-2023-38646

CVE-2023-38646 A python RCE exploit for CVE-2023-38646 Us...

CVSS 9.8 · AI score 9.7 · EPSS 0.97924
Exploits: 36

GithubExploit
added 2023/10/20 2:59 p.m. · 278 views

Exploit for Incorrect Authorization in Vmware Aria_Operations_For_Logs

CVE-2023-34051 CVE-2023-34051 is an authentication bypass tha...

CVSS 9.8 · AI score 8.1 · EPSS 0.87077
Exploits: 3

GithubExploit
added 2023/10/16 3:44 p.m. · 478 views

Exploit for Server-Side Request Forgery in Rbaskets Request_Baskets

This is a PoC exploit for CVE-2023-27163, a remote code executio...

CVSS 6.5 · AI score 7.3 · EPSS 0.07497
Exploits: 29

GithubExploit
added 2023/10/16 3:44 p.m. · 371 views

Exploit for Server-Side Request Forgery in Rbaskets Request_Baskets

This is a PoC exploit for CVE-2023-27163, a remote code executio...

CVSS 6.5 · AI score 7.3 · EPSS 0.07497
Exploits: 29

GithubExploit
added 2023/10/13 3:33 p.m. · 487 views

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft

PoC for the ThemeBleed CVE-2023-38146 exploit Windows 11 Them...

CVSS 8.8 · AI score 8.7 · EPSS 0.39491
Exploits: 4

Debian
added 2023/10/13 1:58 p.m. · 45 views

[SECURITY] [DLA 3617-1] tomcat9 security update

Debian LTS Advisory DLA-3617-1 · https://www.debian.org/lts/security/ · Markus Koschany · October 13, 2023 · https://wiki.debian.org/LTS · Package: tomcat9 · Version: 9.0.31-1deb10u9 · CVE ID: CVE-2023-24998 CVE-2023-41080 CVE-2023-42795 CVE-2023-44487 CVE-2023-45648 · Several...

CVSS 7.5 · AI score 7 · EPSS 0.99999
Exploits: 22

CNVD
added 2023/10/13 12:0 a.m. · 19 views

Apache Tomcat Input Validation Error Vulnerability (CNVD-2024-27498)

Apache Tomcat is a lightweight web application server from the Apache Foundation (United States). The program implements support for Servlet and JavaServer Pages (JSP). Apache Tomcat has an input validation error vulnerability that stems from a failure to properly parse the HTTP trailer header, whic...

CVSS 5.3 · AI score 6.6 · EPSS 0.05848
Exploits: 2 · References: 1

Veracode
added 2023/10/12 11:56 a.m. · 32 views

Request Smuggling

tomcat-coyote is vulnerable to Request Smuggling. This vulnerability exists because the library does not properly validate HTTP trailer headers, which allows an attacker to smuggle requests if the application is behind a reverse proxy...

CVSS 5.3 · AI score 6.8 · EPSS 0.05848
Exploits: 2 · References: 11 · Affected Software: 2

GithubExploit
added 2023/10/11 8:17 p.m. · 354 views

Exploit for CVE-2023-38646

CVE-2023-38646-exploit "This vulnerability, designated as CVE-...

CVSS 9.8 · AI score 9.9 · EPSS 0.97924
Exploits: 36

GithubExploit
added 2023/10/11 8:17 p.m. · 402 views

Exploit for CVE-2023-38646

CVE-2023-38646-exploit "This vulnerability, designated as CVE-...

CVSS 9.8 · AI score 9.9 · EPSS 0.97924
Exploits: 36