CVE-2025-32748

Dell PowerFlex rack, versions RCM 3.7/3.7, contains a Host Header Injection vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to trigger redirections...

EUVD-2025-210272

Dell PowerFlex rack, versions RCM 3.7/3.7, contains a Host Header Injection vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to trigger redirections...

CVE-2025-32748

Dell PowerFlex rack (RCM 3.7/3.7) contains a Host Header Injection vulnerability that allows an unauthenticated, remotely accessible attacker to trigger redirections. CVSS v3.1 base score 4.3 (MEDIUM) with Network attack vector, Low complexity, No privileges required, User interaction required. N...

Astra Linux – Vulnerability in python-urllib3

urllib3 is a user-friendly HTTP client library for Python. Prior to version 2.5.0, it was possible to disable redirections for all requests by instantiating a PoolManager and specifying retries in a way that disables redirections. By default, requests and botocore users are not affected. An...

Horilla 输入验证错误漏洞

Horilla is a free open-source human resources software developed by Horilla Company. Version 1.5.0 of Horilla contains a vulnerability related to input validation errors. This vulnerability arises from the notification endpoint trusting unvalidated next parameters and redirecting users to arbitra...

OpenClaw 代码问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 had code vulnerabilities. These vulnerabilities stemmed from a server-side request forgeing mechanism in the market plugin download function, which could allow attackers to...

Weblate 安全漏洞

Weblate is an open-source, copyleft, web-based free software system for continuous localization. Versions of Weblate prior to 5.17 contained a security vulnerability. This vulnerability stemmed from the ALLOWEDASSETDOMAINS setting, which applied only to initial requests and did not restrict...

CVE-2021-22334

There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause app redirections...

CVE-2019-16532

An HTTP Host header injection vulnerability exists in YzmCMS V5.3. A malicious user can poison a web cache or trigger redirections...

EUVD-2003-0446

Malware in sbrugna...

EUVD-2020-2404

Malware in sbrugna...

EUVD-2019-9387

Malware in sbrugna...

EUVD-2019-8620

Malware in sbrugna...

EUVD-2010-1784

Malware in sbrugna...

EUVD-2021-9480

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-31151

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Authorization headers are cleared on cross-origin redirect. However, cookie headers which are sensitive headers and are official headers found in the spec, rema...

USN-7647-1: LedgerSMB vulnerabilities

It was discovered that LedgerSMB did not check the origin of HTML fragments. An attacker could possibly use this issue to send a maliciously crafted URL to the server and obtain sensitive information, or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubun...

USN-7647-1 ledgersmb vulnerabilities

It was discovered that LedgerSMB did not check the origin of HTML fragments. An attacker could possibly use this issue to send a maliciously crafted URL to the server and obtain sensitive information, or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubun...

CVE-2023-1331

The Redirection WordPress plugin before 1.1.5 does not have CSRF checks in the uninstall action, which could allow attackers to make logged in admins delete all the redirections through a CSRF attack...

CVE-2022-42452

HCL Launch is vulnerable to HTML injection. HTML code is stored and included without being sanitized. This can lead to further attacks such as XSS and Open Redirections...