27 matches found

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2020-7786

Malware in sbrugna...

CVSS 6.1 | AI score 7.7 | EPSS 0.05067
Exploits: 2 | References: 10

RedHat Linux
added 2024/09/05 2:13 p.m. | 2 views

python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget

A flaw was found in Django. 'urlize', 'urlizetrunc', and 'AdminURLFieldWidget' may be subject to a denial of service attack via certain inputs with a very large number of Unicode characters...

CVSS 7.5 | AI score 7 | EPSS 0.0091
Exploits: 0 | References: 5

OSV
added 2024/08/07 3:15 p.m. | 0 views

DEBIAN-CVE-2024-41991

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters...

CVSS 7.5 | AI score 6.9 | EPSS 0.0091
Exploits: 0 | References: 1

PyPA
added 2024/08/07 3:15 p.m. | 4 views

PYSEC-2024-69

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters...

CVSS 7.5 | AI score 7 | EPSS 0.0091
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2024/08/06 1:00 p.m. | 0 views

UBUNTU-CVE-2024-41991

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters...

CVSS 7.5 | AI score 6.8 | EPSS 0.0091
Exploits: 0 | References: 3

Positive Technologies
added 2024/07/31 12:00 a.m. | 4 views

PT-2024-6155

Name of the Vulnerable Software and Affected Versions: Django versions 4.2 through 4.2.14 Django versions 5.0 through 5.0.7 Description: The issue is related to a potential denial-of-service attack in Django, specifically affecting the urlize and urlizetrunc template filters, and the...

CVSS 9.8 | AI score 7.3 | EPSS 0.02803
Exploits: 3 | References: 79

OSV
added 2023/12/18 10:15 a.m. | 2 views

CVE-2023-32725

The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user...

CVSS 8.8 | AI score 6.6
Exploits: 0 | References: 1

Prion
added 2023/12/18 10:15 a.m. | 15 views

Session fixation

The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user...

CVSS 6.8 | AI score 7 | EPSS 0.01064
Exploits: 0 | References: 1 | Affected Software: 2

UbuntuCve
added 2023/12/18 10:15 a.m. | 61 views

CVE-2023-32725

The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user...

CVSS 9.6 | AI score 7.2 | EPSS 0.01064
Exploits: 0 | References: 2

Cvelist
added 2023/12/18 9:15 a.m. | 18 views

CVE-2023-32725 Leak of zbx_session cookie when using a scheduled report that includes a dashboard with a URL widget.

The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user...

CVSS 9.6 | AI score 9.4 | EPSS 0.01064
Exploits: 0 | References: 1

CVE
added 2023/12/18 9:15 a.m. | 100 views

CVE-2023-32725

The CVE-2023-32725 issue affects the Zabbix frontend URL widget: testing or running scheduled reports can cause the site to receive a session cookie that can be used to access the frontend as the specific user. Root cause is improper handling of session cookies in the URL widget, enabling session...

CVSS 9.6 | AI score 9 | EPSS 0.01064
Exploits: 0 | References: 1 | Affected Software: 1

Exploit DB
added 2020/12/04 12:00 a.m. | 1081 views

Zabbix 5.0.0 - Stored XSS via URL Widget Iframe

Exploit Title: Zabbix 5.0.0 - Stored XSS via URL Widget Iframe Date: 8/11/2020 Exploit Author: Shwetabh Vishnoi Vendor Homepage: https://www.zabbix.com/ Software Link: https://www.zabbix.com/download Affected Version: Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before...

CVSS 6.1 | AI score 6.6 | EPSS 0.05067
Exploits: 2

Packet Storm
added 2020/12/04 12:00 a.m. | 1072 views

Zabbix 5.0.0 Cross Site Scripting

Exploit Title: Zabbix 5.0.0 - Stored XSS via URL Widget Iframe Date: 8/11/2020 Exploit Author: Shwetabh Vishnoi Vendor Homepage: https://www.zabbix.com/ Software Link: https://www.zabbix.com/download Affected Version: Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before...

CVSS 4.3 | AI score 6.6 | EPSS 0.05067
Exploits: 2

OpenVAS
added 2020/10/05 12:00 a.m. | 22 views

openSUSE: Security Advisory for zabbix (openSUSE-SU-2020:1604-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 9.8 | AI score 7.5 | EPSS 0.47753
Exploits: 18 | References: 2

OSV
added 2020/07/17 3:15 a.m. | 1 views

DEBIAN-CVE-2020-15803

Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget...

CVSS 6.1 | AI score 7.3 | EPSS 0.05067
Exploits: 2 | References: 1

NVD
added 2020/07/17 3:15 a.m. | 20 views

CVE-2020-15803

Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget...

CVSS 6.1 | EPSS 0.05067
Exploits: 2 | References: 7

OSV
added 2020/07/17 3:15 a.m. | 24 views

CVE-2020-15803

Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget...

CVSS 6.1 | AI score 5.6
Exploits: 0 | References: 7

UbuntuCve
added 2020/07/17 3:15 a.m. | 47 views

CVE-2020-15803

Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget...

CVSS 6.1 | AI score 6.9 | EPSS 0.05067
Exploits: 2 | References: 3

OSV
added 2020/07/17 3:15 a.m. | 1 views

UBUNTU-CVE-2020-15803

Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget...

CVSS 6.1 | AI score 6.9 | EPSS 0.05067
Exploits: 2 | References: 4

Prion
added 2020/07/17 3:15 a.m. | 24 views

Design/Logic Flaw

Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget...

CVSS 4.3 | AI score 6 | EPSS 0.05067
Exploits: 2 | References: 7 | Affected Software: 5