Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-1999-0534

Malware in sbrugna...

7.5CVSS6.4AI score0.00932EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/05/21 6:10 p.m.3 views

CVE-1999-0537

A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc...

7.5CVSS7AI score0.00932EPSS
Exploits0References1
Prion
Prionadded 2021/11/08 5:15 a.m.13 views

Hardcoded credentials

A password mismanagement situation exists in XoruX LPAR2RRD and STOR2RRD before 7.30 because cleartext information is present in HTML password input fields in the device properties. Viewing the passwords requires configuring a web browser to display HTML password input fields...

4.3CVSS7.4AI score0.00176EPSS
Exploits0References3Affected Software2
Prion
Prionadded 2016/09/06 10:59 a.m.21 views

Design/Logic Flaw

The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack...

5CVSS6.8AI score0.01253EPSS
Exploits0References9
UbuntuCve
UbuntuCveadded 2016/09/06 10:59 a.m.23 views

CVE-2016-7152

The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack...

5.3CVSS6.1AI score0.01253EPSS
Exploits0References4
Cvelist
Cvelistadded 2016/09/06 10:0 a.m.23 views

CVE-2016-7152

The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack...

5.4AI score0.01253EPSS
Exploits0References9
0day.today
0day.todayadded 2013/10/04 12:0 a.m.21 views

ZeroShell 2.0 RC3 Command Injection / Cross Site Scripting

ZeroShell version 2.0 RC3 suffers from command injection and cross site scripting vulnerabilities. ----------- Author: ----------- xistence ------------------------- Affected products: ------------------------- ZeroShell 2.0 RC3 ------------------------- Affected vendors: ------------------------...

7.3AI score
Exploits0
CERT
CERTadded 2006/12/08 12:0 a.m.42 views

Microsoft Windows Media Player fails to properly handle malformed Windows Media Metafiles

Overview Windows Media Player does not properly handle malformed Windows Media Metafiles. This vulnerability may allow a remote attacker to execute arbitrary code or crash Windows Media Player. Description Windows Media Player WMP is a multimedia application that comes with Microsoft Windows...

7.5CVSS7AI score0.73664EPSS
Exploits2References6
Rows per page
Query Builder