Lucene search
K

204 matches found

EUVD
EUVD
added 2026/02/27 9:30 a.m.8 views

EUVD-2025-208134

A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...

6.7CVSS5.8AI score0.00167EPSS
Exploits0References7
NVD
NVD
added 2026/02/27 8:17 a.m.6 views

CVE-2025-9909

A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...

6.7CVSS0.00167EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/02/27 7:30 a.m.14 views

CVE-2025-9909

A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...

6.7CVSS5.8AI score0.00167EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/02/27 7:30 a.m.26 views

CVE-2025-9909 Aap-gateway: improper path validation in gateway allows credential exfiltration

A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...

6.7CVSS0.00167EPSS
Exploits0References6
CVE
CVE
added 2026/02/27 7:30 a.m.15 views

CVE-2025-9909

The CVE-2025-9909 issue affects Red Hat Ansible Automation Platform Gateway route creation: improper gateway_path handling allows an attacker with admin privileges to create misleading routes (double-slash prefix) to intercept credentials, potentially enabling persistent backdoors. It is describe...

6.7CVSS5.8AI score0.00167EPSS
Exploits0References6Affected Software3
Vulnrichment
Vulnrichment
added 2026/02/27 7:30 a.m.5 views

CVE-2025-9909 Aap-gateway: improper path validation in gateway allows credential exfiltration

A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...

6.7CVSS5.8AI score0.00167EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.10 views

PT-2025-54839

A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gateway path. A malicious or socially engineered administrator can configure a...

6.7CVSS5.8AI score0.00167EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/12/10 6:0 p.m.7 views

aap-gateway: Improper Path Validation in Gateway Allows Credential Exfiltration

A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...

6.7CVSS5.7AI score0.00167EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/11/19 3:51 p.m.3 views

aap-gateway: Improper Path Validation in Gateway Allows Credential Exfiltration

A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...

6.7CVSS5.7AI score0.00167EPSS
Exploits0References4
EUVD
EUVD
added 2025/11/18 9:30 a.m.5 views

EUVD-2025-197934

The Project Honey Pot Spam Trap plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the printAdminPage function. This makes it possible for unauthenticated attackers to update setting...

6.1CVSS4.9AI score0.00127EPSS
Exploits0References5
NVD
NVD
added 2025/11/18 9:15 a.m.19 views

CVE-2025-12406

The Project Honey Pot Spam Trap plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the printAdminPage function. This makes it possible for unauthenticated attackers to update setting...

6.1CVSS0.00127EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.6 views

WordPress plugin Project Honey Pot Spam Trap 跨站请求伪造漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin i...

6.1CVSS6.3AI score0.00127EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/11/17 10:44 p.m.7 views

WordPress Project Honey Pot Spam Trap plugin <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Project Honey Pot Spam Trap versions = 1.0.1...

6.1CVSS5.9AI score0.00127EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/11/11 7:26 a.m.0 views

EUVD-2025-79742

Malicious code in barrera-soluble-pot npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 7:26 a.m.0 views

EUVD-2025-82360

Malicious code in cook-soluble-pot npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 7:26 a.m.0 views

EUVD-2025-81324

Malicious code in lucero-soluble-pot npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 7:26 a.m.0 views

EUVD-2025-81853

Malicious code in frey-soluble-pot npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 7:26 a.m.0 views

EUVD-2025-82164

Malicious code in dorsey-soluble-pot npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/11 7:26 a.m.3 views

Malicious code in mooney-soluble-pot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb7555c9d0314c5e50c89460dfd235cffd638527975e329841943229e77e2d52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/11 7:26 a.m.0 views

Malicious code in hunter-soluble-pot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a78a0c333c85f94daf21121c545795e936762826a0854d98ac90208b024d66f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder