Lucene search
K

197 matches found

Github Security Blog
Github Security Blog
added 2026/05/05 6:33 p.m.10 views

Eclipse BaSyx Java Server SDK vulnerable to Server-Side Request Forgery

In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, the Operation Delegation feature fails to validate the destination URI of delegated requests. An unauthenticated remote attacker can exploit this design flaw to force the BaSyx server to execute blind HTTP POST requests to...

8.6CVSS6.3AI score0.00516EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/05 6:27 p.m.10 views

Netty: Start-Line Injection in DefaultHttpRequest.setUri() Allows HTTP Request Smuggling and RTSP Request Injection

Summary Netty allows request-line validation to be bypassed when a DefaultHttpRequest or DefaultFullHttpRequest is created first and its URI is later changed via setUri. The constructors reject CRLF and whitespace characters that would break the start-line, but setUri does not apply the same...

5.3CVSS5.9AI score0.00307EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/05 2:15 p.m.7 views

CVE-2026-7412

In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, the Operation Delegation feature fails to validate the destination URI of delegated requests. An unauthenticated remote attacker can exploit this design flaw to force the BaSyx server to execute blind HTTP POST requests to...

8.6CVSS6.1AI score0.00516EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.17 views

PT-2026-37246

Name of the Vulnerable Software and Affected Versions Netty versions prior to 4.1.133.Final Netty versions prior to 4.2.13.Final Description Request-line validation can be bypassed when a DefaultHttpRequest or DefaultFullHttpRequest is created and its URI is subsequently modified using the setUri...

5.3CVSS5.8AI score0.00307EPSS
Exploits1References478
NVD
NVD
added 2026/04/21 11:16 p.m.5 views

CVE-2026-4296

An incorrect regular expression vulnerability was identified in GitHub Enterprise Server that allowed an attacker to bypass OAuth redirect URI validation. An attacker with knowledge of a first-party OAuth application's registered callback URL could craft a malicious authorization link that, when...

8.8CVSS0.00317EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/04/21 10:12 p.m.35 views

CVE-2026-4296 Incorrect Regular Expression vulnerability in GitHub Enterprise Server allowed unauthorized access to user accounts via OAuth callback URL validation bypass

An incorrect regular expression vulnerability was identified in GitHub Enterprise Server that allowed an attacker to bypass OAuth redirect URI validation. An attacker with knowledge of a first-party OAuth application's registered callback URL could craft a malicious authorization link that, when...

7.5CVSS0.00317EPSS
Exploits0References7
OSV
OSV
added 2026/04/21 9:31 a.m.10 views

CLSA-2026-1776763910 libsoup: Fix of 2 CVEs

CVE-2026-1467: validate URI host characters when checking if a URI is valid - CVE-2026-1539: fix proxy credentials leak on cross-origin HTTP redirect...

5.8CVSS5.8AI score0.00312EPSS
Exploits1References1
OSV
OSV
added 2026/04/03 3:46 a.m.15 views

GHSA-CJMM-F4JC-QW8R DOMPurify ADD_ATTR predicate skips URI validation

Summary DOMPurify allows ADDATTR to be provided as a predicate function via EXTRAELEMENTHANDLING.attributeCheck. When the predicate returns true, isValidAttribute short-circuits the attribute check before URI-safe validation runs. An attacker who supplies a predicate that accepts specific...

5.3CVSS6AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/03 3:46 a.m.37 views

DOMPurify ADD_ATTR predicate skips URI validation

Summary DOMPurify allows ADDATTR to be provided as a predicate function via EXTRAELEMENTHANDLING.attributeCheck. When the predicate returns true, isValidAttribute short-circuits the attribute check before URI-safe validation runs. An attacker who supplies a predicate that accepts specific...

5.9AI score
Exploits0References3Affected Software1
Snyk
Snyk
added 2026/04/03 3:46 a.m.6 views

Permissive List of Allowed Inputs

Overview org.webjars.npm:dompurify is a DOM-only XSS sanitizer for HTML, MathML and SVG. Affected versions of this package are vulnerable to Permissive List of Allowed Inputs in the ADDATTR predicate function via EXTRAELEMENTHANDLING.attributeCheck. An attacker can inject and execute malicious...

6.1CVSS6AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/02 1:54 p.m.10 views

Important: Red Hat Security Advisory: Red Hat build of Keycloak 26.4.11 Update

New Red Hat build of Keycloak 26.4.11 packages are available from the Customer Portal Red Hat build of Keycloak 26.4.11 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Security...

8.1CVSS5.8AI score0.00523EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/04/02 1:54 p.m.13 views

keycloak: Keycloak: Information disclosure due to redirect_uri validation bypass

A flaw was found in Keycloak. This issue allows an attacker, who controls another path on the same web server, to bypass the allowed path in redirect Uniform Resource Identifiers URIs that use a wildcard. A successful attack may lead to the theft of an access token, resulting in information...

7.3CVSS5.8AI score0.0044EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/02 12:37 p.m.23 views

CVE-2026-3872 Keycloak: keycloak: information disclosure due to redirect_uri validation bypass

A flaw was found in Keycloak. This issue allows an attacker, who controls another path on the same web server, to bypass the allowed path in redirect Uniform Resource Identifiers URIs that use a wildcard. A successful attack may lead to the theft of an access token, resulting in information...

7.3CVSS0.0044EPSS
Exploits0References6
OSV
OSV
added 2026/03/11 4:0 p.m.7 views

GO-2026-4653 Pocket ID: OAuth redirect_uri validation bypass via userinfo/host confusion in github.com/pocket-id/pocket-id/backend

Pocket ID: OAuth redirecturi validation bypass via userinfo/host confusion in github.com/pocket-id/pocket-id/backend...

7.1CVSS5.8AI score0.00204EPSS
Exploits0References3
CVE
CVE
added 2026/03/09 10:17 p.m.17 views

CVE-2026-28512

Technical details for CVE-2026-28512 are not provided in the supplied documents; only the high-level description is present. Monitor for official updates and vendor advisories for affected products and fixes.

7.1CVSS5.8AI score0.00204EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/05 11:51 a.m.5 views

Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to jetty-server

Summary IBM webMethods BPM uses jetty-server as a transitive dependency brought in by the WebMethods Integration Server is-server dependency. The Integration Server runtime uses Jetty internally for its web server infrastructure. Vulnerability Details CVEID:CVE-2024-8184 DESCRIPTION: There exists...

6.5CVSS6AI score0.01037EPSS
Exploits1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/09 7:40 a.m.4 views

CVE-2026-22905

An unauthenticated remote attacker can bypass authentication by exploiting insufficient URI validation and using path traversal sequences e.g., /js/../cgi-bin/post.cgi, gaining unauthorized access to protected CGI endpoints and configuration downloads...

7.5CVSS5.6AI score0.00619EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2026/02/09 12:0 a.m.9 views

PT-2026-7083

An unauthenticated remote attacker can bypass authentication by exploiting insufficient URI validation and using path traversal sequences e.g., /js/../cgi-bin/post.cgi, gaining unauthorized access to protected CGI endpoints and configuration downloads...

7.5CVSS5.6AI score0.00619EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/04 12:0 a.m.7 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : OpenJDK 17 vulnerabilities (USN-7998-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7998-1 advisory. It was discovered that the RMI component of OpenJDK 17 would establish RMI TCP endpoint connections to a remo...

7.5CVSS6.1AI score0.00864EPSS
Exploits1References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/29 7:37 a.m.17 views

Security Bulletin: IBM Operational Decision Manager for December 2025 - Multiple CVEs addressed

Summary IBM Operational Decision Manager is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed Vulnerability Details CVEID:CVE-2025-58056...

7.5CVSS6.4AI score0.02164EPSS
Exploits4Affected Software1
Rows per page
Query Builder