40 matches found
Google Chrome < 4.8.271.17 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 4.8.271.17. It is, therefore, affected by multiple vulnerabilities as referenced in the 201601stable-channel-update20 advisory. - Multiple unspecified vulnerabilities in Google Chrome before 48.0.2564.82 allow attackers...
CVE-2024-52593 Missing validation allows spoofed "origin" links in Misskey
Misskey is an open source, federated social media platform. In affected versions missing validation in NoteCreateService.insertNote, ApPersonService.createPerson, and ApPersonService.updatePerson allows an attacker to control the target of any "origin" links such as the "view on remote instance"...
CVE-2024-52593
Misskey (open source, federated social platform) has a vulnerability from missing validation in NoteCreateService.insertNote, ApPersonService.createPerson, and ApPersonService.updatePerson. An attacker can set the target of any origin links (e.g., the “view on remote instance” banner) to any HTTP...
CVE-2024-52593 Missing validation allows spoofed "origin" links in Misskey
Misskey is an open source, federated social media platform. In affected versions missing validation in NoteCreateService.insertNote, ApPersonService.createPerson, and ApPersonService.updatePerson allows an attacker to control the target of any "origin" links such as the "view on remote instance"...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Use-after-free in Animation timeline 128.3.1 ESR Chemspill CVE-2024-9680 firefox: thunderbird: History interface could have been used to cause a Denial of Servi...
Moderate: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
Moderate: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
SUSE CVE-2024-0749
A phishing site could have repurposed an about: dialog to show phishing content with an incorrect origin in the address bar. This vulnerability affects Firefox 122 and Thunderbird 115.7...
CVE-2022-38472
An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird 102.2,...
CVE-2022-38472
An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird 102.2,...
Design/Logic Flaw
An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird 102.2,...
CVE-2022-38472
The CVE-2022-38472 issue is a cross-origin spoofing vulnerability where XSLT error handling could allow attacker‑controlled content to be displayed as a different origin in the address bar, potentially tricking users into submitting data to a spoofed site. Affected products/versions (as stated in...
CVE-2022-38472
An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird 102.2,...
CVE-2022-38472
An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird 102.2,...
CVE-2022-38472
An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird 102.2,...
Debian DSA-5221-1 : thunderbird - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5221 advisory. Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. For the stable distribution...
Mozilla: Address bar spoofing via XSLT error handling
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of an attacker abusing XSLT error handling to associate attacker-controlled content with another origin, which was displayed in the address bar. This issue could be used to fool the user into submitting data...
Mozilla: Address bar spoofing via XSLT error handling
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of an attacker abusing XSLT error handling to associate attacker-controlled content with another origin, which was displayed in the address bar. This issue could be used to fool the user into submitting data...
Mozilla: Address bar spoofing via XSLT error handling
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of an attacker abusing XSLT error handling to associate attacker-controlled content with another origin, which was displayed in the address bar. This issue could be used to fool the user into submitting data...
Mozilla: Address bar spoofing via XSLT error handling
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of an attacker abusing XSLT error handling to associate attacker-controlled content with another origin, which was displayed in the address bar. This issue could be used to fool the user into submitting data...