
8413 matches found

OSV
added 2017/11/15 12:0 a.m. | 0 views

UBUNTU-CVE-2017-7830

The Resource Timing API incorrectly revealed navigations in cross-origin iframes. This is a same-origin policy violation and could allow for data theft of URLs loaded by users. This vulnerability affects Firefox 57, Firefox ESR 52.5, and Thunderbird 52.5...

6.5 CVSS | 6.9 AI score | 0.02485 EPSS
Exploits 0 | References 5

ArchLinux
added 2017/11/15 12:0 a.m. | 54 views

[ASA-201711-23] firefox: multiple issues

Arch Linux Security Advisory ASA-201711-23 ========================================== Severity: Critical Date : 2017-11-15 CVE-ID : CVE-2017-7826 CVE-2017-7827 CVE-2017-7828 CVE-2017-7830 CVE-2017-7831 CVE-2017-7832 CVE-2017-7833 CVE-2017-7834 CVE-2017-7835 CVE-2017-7836 CVE-2017-7837 CVE-2017-78...

10 CVSS | 9.9 AI score | 0.07439 EPSS
Exploits 0 | References 48

Mozilla
added 2017/11/14 12:0 a.m. | 511 views

Security vulnerabilities fixed in Firefox ESR 52.5 — Mozilla

A use-after-free vulnerability can occur when flushing and resizing layout because the PressShell object has been freed while still in use. This results in a potentially exploitable crash during these operations. The Resource Timing API incorrectly revealed navigations in cross-origin iframes. Th...

10 CVSS | 1.3 AI score | 0.07439 EPSS
Exploits 0 | References 4 | Affected Software 1

NVD
added 2017/11/13 3:29 a.m. | 16 views

CVE-2017-13819

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HelpViewer" component. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML by bypassing the Same Origin Policy for quarantined HTML...

6.1 CVSS | 5.5 AI score | 0.01033 EPSS
Exploits 0 | References 2

OSV
added 2017/11/13 3:29 a.m. | 2 views

CVE-2017-13819

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HelpViewer" component. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML by bypassing the Same Origin Policy for quarantined HTML...

6.1 CVSS | 7.4 AI score
Exploits 0 | References 2

Prion
added 2017/11/13 3:29 a.m. | 11 views

Cross site scripting

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HelpViewer" component. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML by bypassing the Same Origin Policy for quarantined HTML...

4.3 CVSS | 5.2 AI score | 0.01033 EPSS
Exploits 0 | References 2 | Affected Software 1

Tenable Nessus
added 2017/11/13 12:0 a.m. | 43 views

openSUSE Security Update : webkit2gtk3 (openSUSE-2017-1268)

This update for webkit2gtk3 to version 2.18.0 fixes the following issues: These security issues were fixed: - CVE-2017-7039: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted website...

8.8 CVSS | 7.1 AI score | 0.08059 EPSS
Exploits 53 | References 45

OPENSUSE Linux
added 2017/11/10 6:22 p.m. | 57 views

Security update for webkit2gtk3 (important)

This update for webkit2gtk3 to version 2.18.0 fixes the following issues: These security issues were fixed: - CVE-2017-7039: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site...

7.5 CVSS | 8.6 AI score | 0.08059 EPSS
Exploits 53 | References 4

CNVD
added 2017/11/03 12:0 a.m. | 2 views

Same Sex Dating Software Pro SQL Injection Vulnerability

Same Sex Dating Software Pro is an online dating system. A SQL injection vulnerability exists in Same Sex Dating Software Pro version 1.0. A remote attacker can exploit this vulnerability to inject SQL commands...

9.8 CVSS | 8.1 AI score | 0.02028 EPSS
Exploits 4 | References 1

Hacker One
added 2017/11/02 11:36 a.m. | 18 views

Khan Academy: Frameset(Frame) html tag is allowed in html editor.(can lead to clickjacking)

Hello Sir/Mam, I was using the html editor in computer programming section, which allowed me to design a webpage. When I use the iframe tag, object tag and embed tag it shows me the message that these tags are not allowed for security reasons may be cause of clickjacking attack or something but...

6.7 AI score
Exploits 0

exploitpack
added 2017/10/30 12:0 a.m. | 19 views

Same Sex Dating Software Pro 1.0 - SQL Injection

Same Sex Dating Software Pro 1.0 - SQL Injection Exploit Title: Same Sex Dating Software Pro 1.0 - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.softdatepro.com/ Software Link: https://codecanyon.net/item/same-date-pro-same-sex-dating-software/4530959 Demo:...

7.5 CVSS | 0.1 AI score | 0.02028 EPSS
Exploits 4

NVD
added 2017/10/29 6:29 a.m. | 15 views

CVE-2017-15971

Same Sex Dating Software Pro 1.0 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php senderid parameter, or the /admin Email field, a related issue to CVE-2017-15972...

9.8 CVSS | 9.9 AI score | 0.02028 EPSS
Exploits 4 | References 2

Prion
added 2017/10/29 6:29 a.m. | 14 views

Sql injection

Same Sex Dating Software Pro 1.0 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php senderid parameter, or the /admin Email field, a related issue to CVE-2017-15972...

7.5 CVSS | 9.8 AI score | 0.02858 EPSS
Exploits 8 | References 2 | Affected Software 1

OSV
added 2017/10/29 6:29 a.m. | 2 views

CVE-2017-15971

Same Sex Dating Software Pro 1.0 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php senderid parameter, or the /admin Email field, a related issue to CVE-2017-15972...

9.8 CVSS | 5.8 AI score
Exploits 0 | References 2

OSV
added 2017/10/24 6:33 p.m. | 41 views

GHSA-4WHC-PP4X-9PF3 jquery-rails and jquery-ujs subject to Exposure of Sensitive Information

jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and rails.js in jquery-ujs before 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web server, via a leading space...

5 CVSS | 6.3 AI score | 0.04519 EPSS
Exploits 1 | References 14

Github Security Blog
added 2017/10/24 6:33 p.m. | 215 views

jquery-rails and jquery-ujs subject to Exposure of Sensitive Information

jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and rails.js in jquery-ujs before 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web server, via a leading space...

5 CVSS | 6.3 AI score | 0.04519 EPSS
Exploits 1 | References 13 | Affected Software 2

NVD
added 2017/10/23 1:29 a.m. | 17 views

CVE-2017-7090

An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to...

7.5 CVSS | 6.6 AI score | 0.01951 EPSS
Exploits 1 | References 8

OSV
added 2017/10/23 1:29 a.m. | 2 views

DEBIAN-CVE-2017-7090

An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to...

7.5 CVSS | 8 AI score | 0.01951 EPSS
Exploits 1 | References 1

OSV
added 2017/10/23 1:29 a.m. | 7 views

CVE-2017-7090

An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to...

7.5 CVSS | 7.3 AI score
Exploits 0 | References 8

Prion
added 2017/10/23 1:29 a.m. | 21 views

Design/Logic Flaw

An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to...

5 CVSS | 6.7 AI score | 0.01951 EPSS
Exploits 1 | References 8 | Affected Software 5