8406 matches found
Microsoft Edge Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins. The vulnerability allows Microsoft Edge to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploite...
Microsoft Edge Fetch API Arbitrary Header Setting
Microsoft Edge Fetch API allows setting of arbitrary request headers. Yorick Koster, January 2017...
[ASA-201703-3] firefox: multiple issues
Arch Linux Security Advisory ASA-201703-3. Severity: Critical. Date: 2017-03-10. CVE-ID: CVE-2017-5398 CVE-2017-5399 CVE-2017-5400 CVE-2017-5401 CVE-2017-5402 CVE-2017-5403 CVE-2017-5404 CVE-2017-5405 CVE-2017-5406 CVE-2017-5407 CVE-2017-5408 CVE-2017-5410...
Mozilla Thunderbird < 45.8 Multiple Vulnerabilities (macOS)
The version of Mozilla Thunderbird installed on the remote macOS or Mac OS X host is prior to 45.8. It is, therefore, affected by multiple vulnerabilities: - Mozilla developers and community members Boris Zbarsky, Christian Holler, Honza Bambas, Jon Coppeard, Randell Jesup, Andre Bargull, Kan-Ru...
Mozilla Firefox < 52.0 Multiple Vulnerabilities
The version of Mozilla Firefox installed on the remote Windows host is prior to 52.0. It is, therefore, affected by multiple vulnerabilities: - Mozilla developers and community members Boris Zbarsky, Christian Holler, Honza Bambas, Jon Coppeard, Randell Jesup, Andre Bargull, Kan-Ru Chen, and...
Mozilla: Pixel and history stealing via floating-point timing side channel with SVG filters (MFSA 2017-06)
Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history information and read text values across domains. This violates same-origin policy and leads to information...
USN-3216-1: Firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to bypass same origin restrictions, obtain sensitive information, spoof the address bar, spoof the print dialog, cause a denial of...
USN-3216-1 firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to bypass same origin restrictions, obtain sensitive information, spoof the address bar, spoof the print dialog, cause a denial of...
CVE-2017-5407
Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history information and read text values across domains. This violates same-origin policy and leads to information...
Security vulnerabilities fixed in Firefox ESR 45.8 — Mozilla
JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. A crash triggerable by web content in which an ErrorResult references unassigned memory due to a logic error. The resulting crash may be exploitabl...
CVE-2016-8915
IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue to deny service to other channels running under the same process. IBM Reference: 1998649...
CVE-2017-2364
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site...
CVE-2017-2363
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain...
CVE-2017-2365
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted...
DEBIAN-CVE-2017-2365
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted...