Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.6 views

EUVD-2007-3741

Malware in sbrugna...

4.3CVSS6.4AI score0.01998EPSS
Exploits1References9
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-27901

Malicious code in bioql PyPI...

8.8CVSS9AI score0.00364EPSS
Exploits0References3
Hacker One
Hacker Oneadded 2023/01/01 8:27 a.m.25 views

Brave Software: UI spoofing by showing sms:/tel: dialog on another website

A vulnerability was discovered in Brave for iOS version 1.45.2 that allowed for UI spoofing by showing an sms:/tel: dialog on another website without displaying the caller origin, potentially leading to user confusion and deception...

6.7AI score
Exploits0
Cvelist
Cvelistadded 2022/12/22 12:0 a.m.34 views

CVE-2022-22758

When clicking on a tel: link, USSD codes, specified after a \ character, would be included in the phone number. On certain phones, or on certain carriers, if the number was dialed this could perform actions on a user's account, similar to a cross-site request forgery attack.This bug only affects...

8.6AI score0.00364EPSS
Exploits0References2
CVE
CVEadded 2022/12/22 12:0 a.m.151 views

CVE-2022-22758

CVE-2022-22758 affects Mozilla Firefox (Android) and arises from incorrect handling of tel: links where USSD codes placed after a * character could be included in the dialed number, potentially enabling actions on a user’s account. The issue impacts Firefox versions prior to 97 (and related ESR l...

8.8CVSS8.2AI score0.00364EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinuxadded 2022/12/22 12:0 a.m.44 views

CVE-2022-22758

When clicking on a tel: link, USSD codes, specified after a \ character, would be included in the phone number. On certain phones, or on certain carriers, if the number was dialed this could perform actions on a user's account, similar to a cross-site request forgery attack.This bug only affects...

8.8CVSS8.5AI score0.00364EPSS
Exploits0
CNNVD
CNNVDadded 2022/02/08 12:0 a.m.4 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation. A security vulnerability exists in Mozilla Firefox that stems from an error in the way the product handles tel:link. An attacker could place special characters in a phone number, forcing the victim to make a phone call whe...

8.8CVSS8.3AI score0.00364EPSS
Exploits0References6
BDU FSTEC
BDU FSTECadded 2016/04/06 12:0 a.m.6 views

The vulnerability of the Mac OS X operating system allows a perpetrator to trigger a phone number collection event without the user’s permission.

The vulnerability of the Reminders component in the Mac OS X operating system is related to access control deficiencies. Exploiting this vulnerability could allow an attacker, acting remotely, to trigger a phone number collection event without user permission by clicking on the “tel” link...

4.3CVSS6.9AI score0.01216EPSS
Exploits0References3Affected Software1
Prion
Prionadded 2007/09/27 9:17 p.m.18 views

Code injection

Mail in Apple iPhone 1.1.1 allows remote user-assisted attackers to force the iPhone user to make calls to arbitrary telephone numbers via a "tel:" link, which does not prompt the user before dialing the number...

4.3CVSS6.6AI score0.01998EPSS
Exploits1References8Affected Software2
Rows per page
Query Builder