Lucene search
K

546 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.4 views

Automated Logic WebCTRL Premium Server URL Redirection to Untrusted Site (CVE-2024-8527)

CWE-601 URL Redirection to Untrusted Site 'Open Redirect' vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. The application accepts a user-supplied URL and redirects without proper validation, allowing attackers to exploit user sessions through ...

8.6CVSS5.7AI score0.00139EPSS
Exploits0References3
NVD
NVD
added 2026/06/19 9:16 p.m.12 views

CVE-2026-47645

Url redirection to untrusted site 'open redirect' in Microsoft 365 Copilot's Business Chat allows an unauthorized attacker to elevate privileges over a network...

8.8CVSS0.00408EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/06/19 9:15 p.m.9 views

Ultimate Sitemap Parser (USP): Gzip Decompression Bomb Bypasses Sitemap Size Limit

Gzip Decompression Bomb Bypasses Sitemap Size Limit Summary ultimate-sitemap-parser enforces a 100 MiB size limit on sitemap responses, but applies it only to the compressed bytes received over the network. When a .gz sitemap is fetched, usp/helpers.py:239 calls gziplib.decompressdata with no...

5.8AI score
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/19 8:29 p.m.10 views

EUVD-2026-38091

Url redirection to untrusted site 'open redirect' in Microsoft 365 Copilot's Business Chat allows an unauthorized attacker to elevate privileges over a network...

8.8CVSS5.8AI score0.00408EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.16 views

PT-2026-51032

Name of the Vulnerable Software and Affected Versions Microsoft 365 Copilot's Business Chat affected versions not specified Description An open redirect issue exists, which is a flaw that allows a user to be redirected to an untrusted external website. This can enable an unauthorized attacker to...

8.8CVSS5.8AI score0.00408EPSS
Exploits0References7
NVD
NVD
added 2026/06/12 4:16 p.m.15 views

CVE-2026-50089

The Aqara IAM/SSO Gateway gw-builder.aqara.com provides an open redirect, which is an instance of "CWE-601: URL Redirection to Untrusted Site," with an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 6.1 Medium, which can be used to set up a phishing attack...

6.1CVSS0.00147EPSS
Exploits0References2
CVE
CVE
added 2026/06/12 3:2 p.m.11 views

CVE-2026-50089

CVE-2026-50089 affects the Aqara IAM/SSO Gateway (gw-builder.aqara.com) and is described as an open redirect (CWE-601). The issue can be leveraged to conduct phishing via untrusted redirects. According to the sources, the CVSS v3.1 base score is 6.1 (Medium): Attack vector Network, Attack complex...

6.1CVSS5.3AI score0.00147EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 3:2 p.m.9 views

EUVD-2026-36479

The Aqara IAM/SSO Gateway gw-builder.aqara.com provides an open redirect, which is an instance of "CWE-601: URL Redirection to Untrusted Site," with an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 6.1 Medium, which can be used to set up a phishing attack...

6.1CVSS5.2AI score0.00147EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.14 views

PT-2026-48913

The Aqara IAM/SSO Gateway gw-builder.aqara.com provides an open redirect, which is an instance of "CWE-601: URL Redirection to Untrusted Site," with an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 6.1 Medium, which can be used to set up a phishing attack...

6.1CVSS5.2AI score0.00147EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.8 views

CVE-2026-45448

CWE-601 URL redirection to untrusted site 'open redirect'...

4.3CVSS5.3AI score0.00166EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.9 views

CVE-2026-2813

ArcGIS Server contains an input validation weakness in the login redirection workflow. An Authenticated attacker could exploit this issue by sending a specially crafted request, Successful exploitation may result in the application redirecting the browser to an unintended, untrusted site, resulti...

4.7CVSS5.2AI score0.003EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.9 views

CVE-2026-6795

URL redirection to untrusted site 'open redirect' vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Parameter Injection. This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2...

9.6CVSS5.3AI score0.00233EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/20 5:51 p.m.10 views

CVE-2026-2813

ArcGIS Server contains an input validation weakness in the login redirection workflow. An Authenticated attacker could exploit this issue by sending a specially crafted request, Successful exploitation may result in the application redirecting the browser to an unintended, untrusted site, resulti...

4.7CVSS5.6AI score0.003EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/20 5:51 p.m.12 views

CVE-2026-2813 Unvalidated Redirect in ArcGIS Server

ArcGIS Server contains an input validation weakness in the login redirection workflow. An Authenticated attacker could exploit this issue by sending a specially crafted request, Successful exploitation may result in the application redirecting the browser to an unintended, untrusted site, resulti...

4.7CVSS5.6AI score0.003EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.14 views

PT-2026-42222

ArcGIS Server contains an input validation weakness in the login redirection workflow. An Authenticated attacker could exploit this issue by sending a specially crafted request, Successful exploitation may result in the application redirecting the browser to an unintended, untrusted site, resulti...

4.7CVSS5.6AI score0.003EPSS
Exploits0References2
NVD
NVD
added 2026/05/14 5:16 p.m.15 views

CVE-2026-45448

CWE-601 URL redirection to untrusted site 'open redirect'...

4.3CVSS0.00166EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/14 5:16 p.m.8 views

CVE-2026-45448

CWE-601 URL redirection to untrusted site 'open redirect'...

4.3CVSS5.7AI score0.00166EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/14 4:48 p.m.13 views

EUVD-2026-30338

CWE-601 URL redirection to untrusted site 'open redirect'...

4.3CVSS5.7AI score0.00166EPSS
Exploits0References1
CVE
CVE
added 2026/05/14 4:48 p.m.14 views

CVE-2026-45448

CVE-2026-45448 is associated with an open redirect (CWE-601) affecting ntopng per CVE listings. The vulnerability involves URL redirection to an untrusted site. Concrete exploit details, affected versions, and remediation steps are not provided in the connected documents. The CVSS-based impact is...

4.3CVSS5.7AI score0.00166EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/14 4:48 p.m.7 views

CVE-2026-45448

CWE-601 URL redirection to untrusted site 'open redirect'...

4.3CVSS5.7AI score0.00166EPSS
Exploits0References2
Rows per page
Query Builder