Lucene search
K

29 matches found

RedhatCVE
RedhatCVE
added 2025/12/17 10:24 a.m.3 views

CVE-2025-14766

Out of bounds read and write in V8 in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High Mitigation To mitigate this issue, users should avoid visiting untrusted websites or opening...

8.8CVSS6.7AI score0.0281EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/12/17 10:23 a.m.1 views

CVE-2025-14765

A flaw was found in Chromium Google Chrome. This vulnerability allows a remote attacker to potentially exploit heap corruption via a crafted HTML HyperText Markup Language page due to a use after free in WebGPU Web Graphics Processing Unit. Mitigation To mitigate this issue, users should avoid...

8.8CVSS6.3AI score0.02595EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-5749

Malware in sbrugna...

8.1CVSS8.1AI score0.01681EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2006-3328

Malware in sbrugna...

5CVSS6.4AI score0.03513EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-0931

Malicious code in bioql PyPI...

7.6CVSS6.4AI score0.01145EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/12/18 12:0 a.m.6 views

PT-2024-10925 · Ibm · Ibm Infosphere Information Server

Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue allows a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this to hijack t...

5.2CVSS6.9AI score0.00267EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.6 views

The vulnerability of the Eclipse Glassfish application server relates to the redirection of URLs to an unreliable website, allowing attackers to redirect users to any given URL address.

The vulnerability of the Eclipse Glassfish application server is related to the redirection of URLs to an unreliable website. Exploiting this vulnerability allows a hacker to redirect users to any given URL address...

6.4CVSS5.5AI score0.00363EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2024/07/02 1:47 p.m.12 views

CVE-2024-38519

yt-dlp and youtube-dl are command-line audio/video downloaders. Prior to the fixed versions, yt-dlp and youtube-dl do not limit the extensions of downloaded files, which could lead to arbitrary filenames being created in the download folder and path traversal on Windows. Since yt-dlp and youtube-...

7.8CVSS5.8AI score0.00322EPSS
Exploits0
OSV
OSV
added 2024/03/06 10:51 a.m.16 views

BIT-CONCOURSE-2020-5409 Concourse Open Redirect in the /sky/login endpoint

Pivotal Concourse, most versions prior to 6.0.0, allows redirects to untrusted websites in its login flow. A remote unauthenticated attacker could convince a user to click on a link using the OAuth redirect link with an untrusted website and gain access to that user's access token in Concourse...

7.6CVSS5.8AI score0.00907EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/10/25 12:0 a.m.4 views

PT-2023-8358 · Apple · Safari +1

Name of the Vulnerable Software and Affected Versions: Safari versions prior to macOS Sonoma 14.1 Description: The issue is related to errors in the representation of information by the user interface, which can be exploited by a remote attacker to spoof the user interface. Visiting a malicious...

5CVSS5.2AI score0.00638EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2022/02/15 1:57 a.m.18 views

Pivotal Concourse Open Redirect in Login Flow

Pivotal Concourse Release, versions 4.x prior to 4.2.2, login flow allows redirects to untrusted websites. A remote unauthenticated attacker could convince a user to click on a link using the oAuth redirect link with an untrusted website and gain access to that user's access token in Concourse...

7.6CVSS5.8AI score0.01145EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/02/15 1:57 a.m.24 views

GHSA-9689-RX4V-CQGC Pivotal Concourse Open Redirect in Login Flow

Pivotal Concourse Release, versions 4.x prior to 4.2.2, login flow allows redirects to untrusted websites. A remote unauthenticated attacker could convince a user to click on a link using the oAuth redirect link with an untrusted website and gain access to that user's access token in Concourse...

5.4CVSS5.8AI score0.01145EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/11/10 12:0 a.m.4 views

The vulnerability of the redirect parameter in the fastify-static plugin allows a hacker to redirect users of Mozilla Firefox to arbitrary websites.

The vulnerability of the redirect parameter in the fastify-static plugin relates to the ability to redirect users to untrusted URLs. Exploiting this vulnerability allows a malicious actor to redirect users of Mozilla Firefox to arbitrary websites...

9CVSS7.7AI score0.00988EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2021/03/31 10:15 p.m.18 views

Open redirect

An Open Redirect vulnerability in EpiServer Find before 13.2.7 allows an attacker to redirect users to untrusted websites via the tredirect parameter in a crafted URL, such as a /findv2/click URL...

5.8CVSS6AI score0.0474EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/03/31 9:32 p.m.17 views

CVE-2020-24550

An Open Redirect vulnerability in EpiServer Find before 13.2.7 allows an attacker to redirect users to untrusted websites via the tredirect parameter in a crafted URL, such as a /findv2/click URL...

6.1AI score0.0474EPSS
Exploits1References1
NVD
NVD
added 2020/05/14 12:15 a.m.21 views

CVE-2020-5409

Pivotal Concourse, most versions prior to 6.0.0, allows redirects to untrusted websites in its login flow. A remote unauthenticated attacker could convince a user to click on a link using the OAuth redirect link with an untrusted website and gain access to that user's access token in Concourse...

7.6CVSS6.2AI score0.00907EPSS
Exploits0References1
OSV
OSV
added 2020/05/14 12:15 a.m.17 views

CVE-2020-5409

Pivotal Concourse, most versions prior to 6.0.0, allows redirects to untrusted websites in its login flow. A remote unauthenticated attacker could convince a user to click on a link using the OAuth redirect link with an untrusted website and gain access to that user's access token in Concourse...

6.1CVSS6.8AI score0.00907EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/05/13 11:15 p.m.22 views

CVE-2020-5409 Concourse Open Redirect in the /sky/login endpoint

Pivotal Concourse, most versions prior to 6.0.0, allows redirects to untrusted websites in its login flow. A remote unauthenticated attacker could convince a user to click on a link using the OAuth redirect link with an untrusted website and gain access to that user's access token in Concourse...

7.6CVSS6.6AI score0.00907EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/05/13 12:0 a.m.6 views

PT-2020-18463 · Pivotal · Concourse

Name of the Vulnerable Software and Affected Versions: Pivotal Concourse versions prior to 6.0.0 Description: The issue allows redirects to untrusted websites in its login flow. A remote unauthenticated attacker could convince a user to click on a link using the OAuth redirect link with an...

7.6CVSS6.7AI score0.00907EPSS
Exploits0References6
OSV
OSV
added 2018/12/19 10:29 p.m.21 views

CVE-2018-15798

Pivotal Concourse Release, versions 4.x prior to 4.2.2, login flow allows redirects to untrusted websites. A remote unauthenticated attacker could convince a user to click on a link using the oAuth redirect link with an untrusted website and gain access to that user's access token in Concourse...

5.4CVSS6.9AI score0.01145EPSS
Exploits0References1
Rows per page
Query Builder