8 matches found

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2009-1676

Malware in sbrugna...

4.3 CVSS, 6.1 AI score, 0.00294 EPSS
Exploits: 2, References: 18
NVD
added 2025/09/05 12:15 a.m., 1 views

CVE-2025-58179

Astro is a web framework for content-driven websites. Versions 11.0.3 through 12.6.5 are vulnerable to SSRF when using Astro's Cloudflare adapter. When configured with output: 'server' while using the default imageService: 'compile', the generated image optimization endpoint doesn't check the URL...

7.2 CVSS, 0.00376 EPSS
Exploits: 1, References: 2
Vulnrichment
added 2025/09/04 11:36 p.m., 1 views

CVE-2025-58179 Astro Cloudflare adapter is vulnerable to Server-Side Request Forgery via /_image endpoint

Astro is a web framework for content-driven websites. Versions 11.0.3 through 12.6.5 are vulnerable to SSRF when using Astro's Cloudflare adapter. When configured with output: 'server' while using the default imageService: 'compile', the generated image optimization endpoint doesn't check the URL...

7.2 CVSS, 6.1 AI score, 0.00376 EPSS
Exploits: 1, References: 2
SUSE CVE
added 2023/02/15 6:4 a.m., 1 views

SUSE CVE-2009-1681

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not prevent web sites from loading third-party content into a subframe, which allows remote attackers to bypass the Same Origin Policy and conduct "clickjacking" attacks via a craft...

4.3 CVSS, 6.5 AI score, 0.00294 EPSS
Exploits: 2, References: 4
Rapid7 Blog
added 2020/11/02 1:51 p.m., 82 views

Overview of Content Security Policies (CSPs) on the Web

A Content Security Policy is a protocol that allows a site owner to control what resources are loaded on a web page by the browser, and how those resources may be loaded. This protocol was developed primarily to mitigate the impact of cross-site scripting XSS vulnerabilities. To understand exactl...

6.7 AI score
Exploits: 0
OpenVAS
added 2018/06/28 12:0 a.m., 185 views

Microsoft Windows 10: Do not suggest third-party content in Windows spotlight

If you enable this policy, Windows spotlight features like lock screen spotlight, suggested apps in Start menu or Windows tips will no longer suggest apps and content from third-party software publishers. Users may still see suggestions and tips to make them more productive with Microsoft feature...

7.2 AI score
Exploits: 0, References: 6
Jake Archibald's Blog
added 2018/02/27 2:47 p.m., 15 views

Third party CSS is not safe

A few days ago there was a lot of chatter about a 'keylogger' built in CSS. Some folks called for browsers to 'fix' it. Some folks dug a bit deeper and saw that it only affected sites built in React-like frameworks, and pointed the finger at React. But the real problem is thinking that third part...

7.3 AI score
Exploits: 0
ThreatPost
added 2011/02/25 7:34 p.m., 190 views

Microsoft Submits Tracking Protection Proposal to W3C

Microsoft has submitted its proposal for web tracking protection to the W3C for consideration as a standard, hoping to get the organization’s stamp of approval for its browser privacy technology. The proposal is in the earliest stages of the process and has not been approved, a process that can...

9.3 CVSS, 8.4 AI score, 0.94354 EPSS
Exploits: 33, References: 10