Lucene search
+L

61 matches found

Hacker One
Hacker One
added 2026/03/29 4:37 p.m.19 views

curl: HTTP/2 PUSH_PROMISE header loss on OOM bypasses scheme validation (regression of 2e8c922a89)

Summary: In lib/http2.c:1490, when curlmaprintf fails due to memory pressure, the push promise header is silently dropped but the callback returns success. If the lost header is the :scheme pseudo-header, the security check at line 733 that blocks HTTPS pushes over insecure connections is skipped...

6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/26 3:3 p.m.5 views

CVE-2026-32008

OpenClaw versions prior to 2026.2.21 contain an improper URL scheme validation vulnerability in the assertBrowserNavigationAllowed function that allows authenticated users with browser-tool access to navigate to file:// URLs. Attackers can exploit this by accessing local files readable by the...

7.1CVSS5.8AI score0.00403EPSS
Exploits1References1
Hacker One
Hacker One
added 2026/03/11 3:2 p.m.12 views

curl: urlapi: off-by-one in custom scheme validation skips last character

Summary In lib/urlapi.c, the seturlscheme function has an off-by-one error when validating custom scheme names. The validation loop checks scheme0 twice once by ISALPHA, once in the loop and never checks the last character. This allows schemes ending with any arbitrary byte e.g., foo!, bar, bad/ ...

5.9AI score
Exploits0
CNNVD
CNNVD
added 2026/03/11 12:0 a.m.10 views

Quill 代码问题漏洞

Quill is an open-source application developed by Quill. It provides an application editor function. Versions of Quill prior to 0.7.1 had code-related vulnerabilities. These vulnerabilities stemmed from the lack of validation of URL schemes and hosts when obtaining Apple, which could lead to...

5.3CVSS7.3AI score0.00097EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/01/22 7:0 p.m.182 views

CVE-2026-XXXX-Meru-Shell-OpenExternal-RCE

CVE-2026-XXXXX: Arbitrary URL Scheme Execution in Meru Gmail...

6.3AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-2722

Malware in sbrugna...

8.8CVSS9.1AI score0.01317EPSS
Exploits0References16
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-3104

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00601EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-28533

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00427EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2024-42515

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00371EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-25682

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.00521EPSS
Exploits0References1
CVE
CVE
added 2025/09/04 6:33 p.m.29 views

CVE-2025-26454

CVE-2025-26454 concerns a flaw in the Android component DisclaimersParserImpl.java, where a confused deputy could allow access to data from other users, enabling local privilege escalation without extra execution privileges or user interaction. The public records consistently describe the issue a...

7.8CVSS6.3AI score0.00089EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/09/04 12:0 a.m.5 views

Promptcraft Forge Studio 安全漏洞

Promptcraft Forge Studio is a developer toolkit for Marcelo Tessaro Individual Developer. A security vulnerability exists in Promptcraft Forge Studio that stems from an incomplete URL scheme check, which could lead to cross-site scripting attacks...

9.3CVSS5.9AI score0.00264EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/24 9:22 a.m.4 views

CVE-2025-7780 Ai Engine <= 2.9.4 - Missing URL Scheme Validation to Authenticated (Subscriber+) Arbitrary File Read via simpleTranscribeAudio and get_audio Functions

The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.4. The simpleTranscribeAudio endpoint fails to restrict URL schemes before calling getaudio. This makes it possible for authenticated attackers, with Subscriber-level acces...

6.5CVSS6.2AI score0.00505EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/07/24 9:22 a.m.28 views

CVE-2025-7780 AI Engine <= 2.9.4 - Missing URL Scheme Validation to Authenticated (Subscriber+) Arbitrary File Read via simpleTranscribeAudio and get_audio Functions

The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.4. The simpleTranscribeAudio endpoint fails to restrict URL schemes before calling getaudio. This makes it possible for authenticated attackers, with Subscriber-level acces...

6.5CVSS0.00505EPSS
Exploits0References5
CVE
CVE
added 2025/07/24 9:22 a.m.24 views

CVE-2025-7780

CVE-2025-7780 (AI Engine WordPress Plugin) is a vulnerability affecting versions up to 2.9.4 where the simpleTranscribeAudio endpoint does not validate URL schemes before invoking get_audio(), allowing authenticated users with Subscriber-level access or higher to read arbitrary files on the web s...

6.5CVSS6AI score0.00505EPSS
Exploits0References5
CVE
CVE
added 2025/06/10 5:29 p.m.263 views

CVE-2025-2884

CVE-2025-2884 concerns the TCG TPM2.0 reference implementation. The vulnerability is in the CryptHmacSign helper, where an out-of-bounds read can occur due to improper validation of the signature scheme against the signature key’s algorithm. Sources reference Errata Revision 1.83 and the TCGVRT00...

6.6CVSS6.4AI score0.00199EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/05/23 9:9 a.m.9 views

CVE-2024-21533

All versions of the package ggit are vulnerable to Arbitrary Argument Injection via the clone API, which allows specifying the remote URL to clone and the file on disk to clone to. The library does not sanitize for user input or validate a given URL scheme, nor does it properly pass command-line...

6.5CVSS7AI score0.00601EPSS
Exploits0References1
Veracode
Veracode
added 2024/10/14 10:17 a.m.11 views

Arbitrary Argument Injection

ggit is vulnerable to Arbitrary Argument Injection. The vulnerability is due to the failure to sanitize user input and improper handling of command-line flags and doesn't validate the URL scheme or properly pass arguments to the git binary using the necessary -- POSIX characters, allowing attacke...

6.5CVSS6.9AI score0.00601EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/10/08 6:30 a.m.37 views

GHSA-PR45-CG4X-FF4M ggit is vulnerable to Arbitrary Argument Injection via the clone() API

All versions of the package ggit are vulnerable to Arbitrary Argument Injection via the clone API, which allows specifying the remote URL to clone and the file on disk to clone to. The library does not sanitize for user input or validate a given URL scheme, nor does it properly pass command-line...

6.9CVSS5.9AI score0.00601EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/09/30 3:17 p.m.41 views

CVE-2024-47530 Scout contains an Open Redirect on Login via `next`

Scout is a web-based visualizer for VCF-files. Open redirect vulnerability allows performing phishing attacks on users by redirecting them to malicious page. /login API endpoint is vulnerable to open redirect attack via next parameter due to absence of sanitization logic. Additionally, due to lac...

5.4CVSS0.00371EPSS
Exploits1References2
Rows per page
Query Builder