
8 matches found

Debian CVE
added 2023/06/19 10:14 a.m. | 20 views

CVE-2023-34414

The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user clicks in precise locations immediately before navigating to a sit...

3.1 CVSS | 6.8 AI score | 0.00049 EPSS
Exploits 0
RedHat Linux
added 2023/06/13 3:0 p.m. | 1 views

Mozilla: Click-jacking certificate exceptions through rendering lag

The Mozilla Foundation Security Advisory describes this flaw as: The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user...

3.1 CVSS | 7.2 AI score | 0.00049 EPSS
Exploits 0 | References 6
Veracode
added 2023/02/20 6:51 a.m. | 27 views

Cross-Site Scripting (XSS)

backstage is vulnerable to Cross-Site Scripting (XSS). The vulnerability exists because catalog content is not sanitized, which allows an attacker to inject script URLs into the entities stored in the catalog, resulting in XSS when a user clicks on the entry...

6.8 CVSS | 4.8 AI score | 0.0071 EPSS
Exploits 0 | References 2 | Affected Software 3
Microsoft CVE
added 2018/01/09 8:0 a.m. | 23 views

ASP.NET Core Elevation Of Privilege Vulnerability

An elevation of privilege vulnerability exists when an ASP.NET Core web application, created using vulnerable project templates, fails to properly sanitize web requests. An attacker who successfully exploited this vulnerability could perform content injection attacks and run script in the security...

8.8 CVSS | 2.1 AI score | 0.15711 EPSS
Exploits 0
CNVD
added 2017/11/16 12:0 a.m. | 2 views

Adobe Connect Clickjacking Vulnerability

Adobe Connect is an online video conferencing software. A clickjacking vulnerability exists in Adobe Connect 9.6.2 and earlier versions. A remote user can exploit the vulnerability to hijack a target user's mouse clicks to act as the target user to perform actions on a website and obtain...

6.1 CVSS | 6.8 AI score | 0.00448 EPSS
Exploits 0 | References 1
msvr
added 2011/08/16 12:0 a.m. | 591 views

Vulnerability in Apple Safari Could Allow Information Disclosure

Executive Summary: Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Apple Safari version 5.05 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Apple Inc. Apple Inc...

4.3 CVSS | 1.5 AI score | 0.00183 EPSS
Exploits 0 | Affected Software 1
Packet Storm
added 2009/01/29 12:0 a.m. | 25 views

Internet Explorer 7 ClickJack

Application Name : İnternet Explorer 7 Vulnerable Type : Clickjacking Author : UzmiX function updateboxevt mouseX=evt.pageX?evt.pageX:evt.clientX; mouseY=evt.pageY?evt.pageY:evt.clientY; document.getElementById'open'.style.left=mouseX-2; document.getElementById'open'.style.top=mouseY-2;...

7.4 AI score
Exploits 0
Packet Storm
added 2005/05/22 12:0 a.m. | 19 views

mfsa200539.txt

// FrSIRT Comment : If a user clicks on a link, this code will load "about:plugins" // into Firefox sidebar panel and will overwrite "browser.startup.homepage", // which will change the homepage to malicious.com Click Here First Next, Click Here...

7.4 AI score
Exploits 0