8 matches found

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2023-50376

Malicious code in bioql PyPI...

CVSS 9.6 | AI score 9.4 | EPSS 0.02946
Exploits: 0 | References: 2
The Hacker News
added 2023/11/25 4:0 a.m. | 196 views

Warning: 3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches

The maintainers of the open-source file-sharing software ownCloud have warned of three critical security flaws that could be exploited to disclose sensitive information and modify files. A brief description of the vulnerabilities is as follows - CVE-2023-49103 CVSS score: 10.0 - Disclosure of...

CVSS 10 | AI score 10 | EPSS 0.94329
Exploits: 12
OwnCloud
added 2023/11/21 12:0 a.m. | 12 views

Subdomain Validation Bypass - ownCloud

Within the oauth2 app an attacker is able to pass in a specially crafted redirect-url which bypasses the validation code and thus allows the attacker to redirect callbacks to a TLD controlled by the attacker...

CVSS 9 | AI score 7.1
Exploits: 0 | Affected Software: 1
CVE
added 2023/11/21 12:0 a.m. | 78 views

CVE-2023-49104

CVE-2023-49104 affects ownCloud’s OAuth2 component (versions before 0.6.1) where enabling “Allow Subdomains” lets an attacker craft a redirect-url that bypasses validation, enabling callbacks to a top‑level domain controlled by the attacker. Documents consistently state the impact as redirection ...

CVSS 8.7 | AI score 7.5 | EPSS 0.00058
Exploits: 0 | References: 2 | Affected Software: 1
NVD
added 2023/10/20 7:15 p.m. | 12 views

CVE-2023-46117

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities. A vulnerability has been identified in reconftw where inadequate validation of retrieved subdomains may lead to a Remote Code Execution R...

CVSS 9.6 | AI score 9.5 | EPSS 0.02946
Exploits: 0 | References: 2
CloudLinux
added 2021/09/23 12:55 p.m. | 310 views

Fix of CVE: CVE-2018-20852, CVE-2020-8492, CVE-2020-26116, CVE-2020-27619

Add Oracle Linux distribution in platform.py - CVE-2018-20852: Prefix dot in domain for proper subdomain validation - CVE-2020-8492: Python allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client - CVE-2020-26116: http.client allows CRLF injection if...

CVSS 7.5 | AI score 2.6 | EPSS 0.02954
Exploits: 3 | References: 1
Tenable Nessus
added 2020/09/02 12:0 a.m. | 43 views

OracleVM 3.4 : python (OVMSA-2020-0036)

The remote OracleVM system is missing necessary patches to address critical security updates: - Prefix dot in domain for proper subdomain validation (C) Tenable Network Security, Inc. The package checks in this plugin were extracted from OracleVM Security Advisory OVMSA-2020-0036...

CVSS 5.3 | AI score 7.2 | EPSS 0.01665
Exploits: 1 | References: 2
Oracle Linux
added 2019/12/13 12:0 a.m. | 83 views

python security update

2.7.5-86.0.3 - Prefix dot in domain for proper subdomain validation CVE-2018-20852 Orabug: 30114725...

CVSS 5.3 | AI score 1.5 | EPSS 0.01665
Exploits: 1