CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

179 matches found

ATTACKERKB•added 2026/04/22 11:30 p.m.•1 views

CVE-2026-6874

A vulnerability was determined in ericc-ch copilot-api up to 0.7.0. This impacts an unknown function of the file /token of the component Header Handler. Executing a manipulation of the argument Host can lead to reliance on reverse dns resolution. The attack may be performed from remote. The explo...

5.3CVSS5.3AI score0.00011EPSS

Exploits0References4Affected Software1

CVE•added 2026/04/22 11:30 p.m.•8 views

CVE-2026-6874

CVE-2026-6874 affects ericc-ch copilot-api up to version 0.7.0, specifically a vulnerability in the Header Handler's /token path where manipulating the Host argument can cause reliance on reverse DNS resolution. The attack is described as remote-accessible, with exploitation publicly disclosed. V...

5.3CVSS5.3AI score0.00011EPSS

Exploits0References4

Positive Technologies•added 2026/04/22 12:0 a.m.•3 views

PT-2026-34586

5.3CVSS5.3AI score0.00011EPSS

Exploits0References5

CNNVD•added 2026/04/03 12:0 a.m.•4 views

Core Flight System 安全漏洞

Core Flight System cFS is a generic flight software architecture framework open source by NASA. It is used for flagship spacecraft, manned spacecraft, cube satellites, and Raspberry Pi devices. Versions of Core Flight System 7.0.0 and earlier contain security vulnerabilities. These vulnerabilitie...

8.8CVSS6.8AI score0.0002EPSS

Exploits0References5

RedhatCVE•added 2026/03/31 8:32 p.m.•1 views

CVE-2026-5124

A flaw was found in osrg GoBGP. A remote attacker could exploit an improper access control vulnerability in the BGPHeader.DecodeFromBytes function within the BGP Header Handler component. This could lead to information disclosure, potentially revealing sensitive data. Mitigation Mitigation for th...

6.3CVSS5.8AI score0.00062EPSS

Exploits0References2

RedhatCVE•added 2026/01/26 3:10 p.m.•7 views

CVE-2026-1406

A vulnerability was determined in lcg0124 BootDo up to 5ccd963c74058036b466e038cff37de4056c1600. Affected by this vulnerability is the function redirectToLogin of the file AccessControlFilter.java of the component Host Header Handler. This manipulation of the argument Hostname causes open redirec...

5.1CVSS5.5AI score0.00014EPSS

Exploits0References1

NVD•added 2026/01/25 12:15 p.m.•3 views

CVE-2026-1406

5.1CVSS0.00014EPSS

Exploits0References4

Vulnrichment•added 2026/01/25 12:2 p.m.•3 views

CVE-2026-1406 lcg0124 BootDo Host Header AccessControlFilter.java redirectToLogin

5.1CVSS5.5AI score0.00014EPSS

Exploits0References4

ATTACKERKB•added 2026/01/25 12:2 p.m.•2 views

CVE-2026-1406

5.1CVSS5.5AI score0.00014EPSS

Exploits0References4

EUVD•added 2026/01/25 12:2 p.m.•4 views

EUVD-2026-4641

5.1CVSS4.8AI score0.00014EPSS

Exploits0References5

Positive Technologies•added 2026/01/25 12:0 a.m.•6 views

PT-2026-4648

5.1CVSS5.2AI score0.00014EPSS

Exploits0References5

OSV•added 2025/12/30 9:15 a.m.•1 views

CVE-2025-15241

A security vulnerability has been detected in CloudPanel Community Edition up to 2.5.1. The affected element is an unknown function of the file /admin/users of the component HTTP Header Handler. Such manipulation of the argument Referer leads to open redirect. It is possible to launch the attack...

3.5CVSS6.8AI score

Exploits0References6

Vulnrichment•added 2025/12/30 9:2 a.m.•2 views

CVE-2025-15241 CloudPanel Community Edition HTTP Header users redirect

5.1CVSS6.5AI score0.00025EPSS

Exploits0References6

Cvelist•added 2025/12/30 9:2 a.m.•25 views

CVE-2025-15241 CloudPanel Community Edition HTTP Header users redirect

5.1CVSS0.00025EPSS

Exploits0References6

EUVD•added 2025/12/29 6:30 p.m.•3 views

EUVD-2025-205599

A vulnerability was found in D-Link DIR-600 up to 2.15WWb02. Affected by this vulnerability is an unknown functionality of the file hedwig.cgi of the component HTTP Header Handler. The manipulation of the argument Cookie results in stack-based buffer overflow. It is possible to launch the attack...

10CVSS9.6AI score0.0031EPSS

Exploits1References7

OSV•added 2025/12/29 4:15 p.m.•2 views

CVE-2025-15194

9.8CVSS6.3AI score0.0031EPSS

Exploits1References6

Vulnrichment•added 2025/12/29 3:32 p.m.•3 views

CVE-2025-15194 D-Link DIR-600 HTTP Header hedwig.cgi stack-based overflow

10CVSS9.6AI score0.0031EPSS

Exploits1References6

CNNVD•added 2025/12/29 12:0 a.m.•3 views

D-Link DIR-600 安全漏洞

The D-Link DIR-600 is a wireless router from China AUO D-Link. A security vulnerability exists in the D-Link DIR-600 version 2.15WWb02 and prior versions, which stems from the incorrect manipulation of the parameter Cookie in the file hedwig.cgi of the component HTTP Header Handler, which could...

10CVSS9.6AI score0.0031EPSS

Exploits1References6

NVD•added 2025/12/28 9:15 p.m.•2 views

CVE-2025-15154

A security vulnerability has been detected in PbootCMS up to 3.2.12. The affected element is the function getuserip of the file core/function/handle.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to use of less trusted source. The attack can be initiat...

6.9CVSS0.00055EPSS

Exploits1References4

OSV•added 2025/12/28 9:15 p.m.•1 views

CVE-2025-15154

6.9CVSS6.8AI score

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by