Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-0661

Malware in sbrugna...

5.3CVSS6.1AI score0.00387EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/08/12 12:13 a.m.13 views

Komari vulnerable to Cross-site WebSocket Hijacking

Summary WebSocket upgrader has disabled origin checking, enabling Cross-Site WebSocket Hijacking CSWSH attacks against authenticated users Details https://github.com/komari-monitor/komari/blob/bd5a6934e1b79a12cf1e6a9bba5372d0e04f3abc/api/terminal.goL33-L35 Any third party website can send request...

7.7AI score
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 8:36 p.m.5 views

CVE-2021-35478

Nagios Log Server before 2.1.9 contains Reflected XSS in the dropdown box for the alert history and audit log function. All parameters used for filtering are affected. This affects users who open a crafted link or third-party web page...

5.4CVSS6.1AI score0.76624EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2025/02/18 5:38 p.m.8 views

CVE-2025-25300 smartbanner.js rel noopener XSS vulnerability

smartbanner.js is a customizable smart app banner for iOS and Android. Prior to version 1.14.1, clicking on smartbanner View link and navigating to 3rd party page leaves window.opener exposed. It may allow hostile third parties to abuse window.opener, e.g. by redirection or injection on the...

5.3CVSS7AI score0.00387EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2021/07/30 12:0 a.m.51 views

CVE-2021-35479

Nagios Log Server before 2.1.9 contains Stored XSS in the custom column view for the alert history and audit log function through the affected pp parameter. This affects users who open a crafted link or third-party web page. Recent assessments: NinjaOperator at July 23, 2021 9:42pm UTC reported:...

3.5CVSS0.7AI score0.76624EPSS
Exploits2References4
Rows per page
Query Builder