
7 matches found

OSV
added 2026/05/27 8:16 p.m., 10 views

UBUNTU-CVE-2026-44681

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to 1.6.12 and 1.7.1, an unauthenticated open redirect in Authlib's OpenIDImplicitGrant and OpenIDHybridGrant authorization endpoint lets a remote attacker cause the authorization server to issue an HTTP 302 to an...

CVSS 6.1, AI score 5.8, EPSS 0.00181
Exploits: 1, References: 3

NCSC
added 2025/12/31 2:29 p.m., 8 views

Vulnerability fixed in Roundcube Webmail

Roundcube has fixed a vulnerability in Roundcube Webmail. An unauthenticated malicious party can exploit the vulnerability to perform a cross-site scripting attack. The malicious party can thus execute JavaScript code in a user's browser and take over a user's account, for example. To do this, th...

CVSS 7.2, AI score 6.5, EPSS 0.19769
Exploits: 1, References: 1

OSV
added 2025/12/18 5:15 a.m., 1 views

UBUNTU-CVE-2025-68461

Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a Cross-Site-Scripting (XSS) vulnerability via the animate tag in an SVG document...

CVSS 7.2, AI score 5.8, EPSS 0.19769
Exploits: 1, References: 6

SUSE CVE
added 2023/02/15 5:43 a.m., 2 views

SUSE CVE-2012-6053

epan/dissectors/packet-usb.c in the USB dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 relies on a length field to calculate an offset value, which allows remote attackers to cause a denial of service (infinite loop) via a zero value for this field...

CVSS 5, AI score 5.5, EPSS 0.02806
Exploits: 0, References: 2

RedHat Linux
added 2021/04/21 1:15 p.m., 1 views

rubygem-rack: hijack sessions by using timing attacks targeting the session id

A flaw was found in rubygem-rack in versions prior to 1.6.12 and 2.0.8. An information leak may allow an attacker to find and hijack sessions using timing attacks targeting the session ID. The highest threat from the vulnerability is to data confidentiality...

CVSS 6.3, AI score 6.6, EPSS 0.03687
Exploits: 0, References: 5

CNVD
added 2015/08/13 12:0 a.m., 2 views

OpenAFS 'bos' Command Spoofing Vulnerability

OpenAFS is an open source distributed file system that allows sharing of files and resources between systems over local and wide area networks. A security vulnerability exists in OpenAFS 1.6.12 and earlier versions. An attacker can exploit the vulnerability to forge RPC commands in a network...

CVSS 6.8, AI score 6.7, EPSS 0.02081
Exploits: 0, References: 1

OSV
added 2012/12/05 11:57 a.m., 0 views

UBUNTU-CVE-2012-6060

Integer overflow in the dissect_iscsi_pdu function in epan/dissectors/packet-iscsi.c in the iSCSI dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet...

CVSS 5, AI score 6.3, EPSS 0.02742
Exploits: 2, References: 6