Lucene search
K

4 matches found

OSV
OSV
added 6 days ago3 views

CVE-2026-55590 CakePHP: Open redirect weakness via backslash bypass

CakePHP Authentication is an authentication plugin for CakePHP that can also be used in PSR-7 based applications. Prior to 2.11.1, 3.3.6, and 4.1.1, the getLoginRedirect method contains a weakness to backslash bypasses that allows redirect targets with attacker-controlled hostnames through the...

5.1CVSS6.1AI score0.0028EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.13 views

PT-2026-50603

Name of the Vulnerable Software and Affected Versions CakePHP Authentication versions prior to 2.11.1 CakePHP Authentication versions prior to 3.3.6 CakePHP Authentication versions prior to 4.1.1 Description The getLoginRedirect function contains a weakness to backslash bypasses. This allows...

6.1CVSS5.9AI score0.0028EPSS
Exploits0References17
NVD
NVD
added 2025/12/31 7:15 p.m.4 views

CVE-2025-34468

libcoap versions up to and including 4.3.5, prior to commit 30db3ea, contain a stack-based buffer overflow in address resolution when attacker-controlled hostname data is copied into a fixed 256-byte stack buffer without proper bounds checking. A remote attacker can trigger a crash and potentiall...

9.8CVSS0.00637EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.4 views

Siemens SIMATIC S7-1500 Inefficient Algorithmic Complexity (CVE-2022-45061)

An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA RFC 3490 decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often...

7.5CVSS6.9AI score0.02453EPSS
Exploits1References6
Rows per page
Query Builder