
8 matches found

EUVD
added 2025/10/03 8:07 p.m., 6 views

EUVD-2022-7391

Malicious code in bioql PyPI...

CVSS 7.2, AI score 6.4, EPSS 0.00522
Exploits: 0, References: 3
IBM Security Bulletins
added 2022/12/12 9:16 a.m., 106 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to a remote attacker due to the electron module (CVE-2022-29247, CVE-2022-36077)

Summary: IBM App Connect Enterprise is vulnerable to a remote attacker due to the electron module (CVE-2022-29247, CVE-2022-36077). Electron is used for Discovery Connectors in IBM App Connect Enterprise. The latest fixpack includes electron v21.2.0. Vulnerability Details: CVEID: CVE-2022-36077...

CVSS 9.8, AI score 5.3, EPSS 0.00945
Exploits: 0, Affected Software: 1
Veracode
added 2022/11/10 8:47 a.m., 19 views

Improper Access Control

Electron is vulnerable to improper access control. The vulnerability is caused by Electron responding with NTLM authentication, including hashed credentials. This sensitive information leak occurs when the redirect target uses an SMB URL type starting with file://, as the library delays the check...

CVSS 7.2, AI score 6.4, EPSS 0.00522
Exploits: 0, References: 4, Affected Software: 1
RedhatCVE
added 2022/11/08 2:26 p.m., 23 views

CVE-2022-36077

The Electron framework enables writing cross-platform desktop applications using JavaScript, HTML and CSS. In versions prior to 21.0.0-beta.1, 20.0.1, 19.0.11, and 18.3.7, Electron is vulnerable to Exposure of Sensitive Information. When following a redirect, Electron delays a check for redirecti...

CVSS 5.4, EPSS 0.00522
Exploits: 0, References: 3
Prion
added 2010/06/17 4:30 p.m., 24 views

Format string

Multiple format string vulnerabilities in Network Authorization in Apple Mac OS X 10.6 before 10.6.4 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a (1) afp, (2) cifs, or (3) smb URL...

CVSS 6.8, AI score 8.2, EPSS 0.03222
Exploits: 0, References: 6, Affected Software: 2
Cvelist
added 2010/06/17 4:00 p.m., 32 views

CVE-2010-1376

Multiple format string vulnerabilities in Network Authorization in Apple Mac OS X 10.6 before 10.6.4 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a (1) afp, (2) cifs, or (3) smb URL...

AI score 7.8, EPSS 0.03222
Exploits: 0, References: 6
Ubuntu
added 2009/10/21 4:07 p.m., 46 views

USN-851-1: Elinks vulnerabilities

Teemu Salmela discovered that Elinks did not properly validate input when processing smb:// URLs. If a user were tricked into viewing a malicious website and had smbclient installed, a remote attacker could execute arbitrary code with the privileges of the user invoking the program. CVE-2006-5925...

CVSS 7.8, AI score 5.7, EPSS 0.0805
Exploits: 1
seebug.org
added 2006/11/17 12:00 a.m., 19 views

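ELinks URL string handling smbclient remote command injection vulnerability

ELinks is an open-source web browser. ELinks has a command injection vulnerability when handling SMB-related URL strings; a remote attacker may exploit this vulnerability to execute arbitrary commands on the user's machine. ELinks invokes the smbclient command without properly validating "smb://" URL strings, allowing an attacker to inject smbclient commands into such a URL to download and overwrite local files or to upload files to an SMB share. The relevant vulnerable code is as follows: smbfunc in smb.c: ... 143 if share 144 if !dir ...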

AI score 7
Exploits: 0