Lucene search
+L

5 matches found

Vulnrichment
Vulnrichment
added 2026/06/25 4:16 p.m.42 views

CVE-2026-9800 Keycloak-policy-enforcer: keycloak policy enforcer: authorization bypass via incorrect uri comparison

A flaw was found in Keycloak Policy Enforcer. This vulnerability allows any authenticated user to bypass all authorization policies, including role, scope, and User-Managed Access UMA permission checks. By including the configured access-denied page path within a request URL, either as a path...

8.1CVSS5.9AI score0.00301EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

Hono 安全漏洞

Hono is a web framework written in TypeScript for the Hono community. Versions of Hono prior to 4.12.21 contained security vulnerabilities. These vulnerabilities stemmed from the ip-restriction middleware using string equality comparisons when comparing IP addresses after some normalization,...

5.3CVSS5.8AI score0.00244EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.6 views

PT-2025-37957

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw was discovered in the Linux kernel related to the initialization of fields within the sctp v6 from sk function in the SCTP Stream Control Transmission Protocol implementation...

5.5CVSS6.1AI score0.0016EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/09/22 12:0 a.m.8 views

The vulnerability of the software package for comparing URL addresses, related to uncontrolled resource consumption, allows a hacker to trigger a service failure.

The vulnerability of the URL-regex comparison software package is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

7.8CVSS7.1AI score0.02693EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2002/07/26 4:0 a.m.17 views

CVE-2002-0714

FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses...

7.5CVSS6.6AI score0.02746EPSS
Exploits0References11
Rows per page
Query Builder