Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2026/05/27 8:13 p.m.10 views

CVE-2026-44502

Bugsink is a self-hosted error tracking tool. Prior to 2.1.3, Bugsink’s webhook URL validation could be partially bypassed because of a mismatch in URL parsing. The original validation logic parsed webhook URLs with Python’s urllib.parse.urlparse, then sent the request with requests.post. For...

4.3CVSS5.8AI score0.00286EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 4:13 p.m.7 views

CVE-2026-44502

Bugsink is a self-hosted error tracking tool. Prior to 2.1.3, Bugsink’s webhook URL validation could be partially bypassed because of a mismatch in URL parsing. The original validation logic parsed webhook URLs with Python’s urllib.parse.urlparse, then sent the request with requests.post. For...

4.3CVSS5.8AI score0.00286EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/21 4:32 p.m.31 views

CVE-2026-40574 OAuth2 Proxy has an Authorization Bypass in Email Domain Validation via Malformed Multi-@ Email Claims

OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Prior to 7.15.2, an authorization bypass exists in OAuth2 Proxy as part of the emaildomain enforcement option. An attacker may be able to authenticate with an email claim such as [email protected]@company.com and...

6.8CVSS0.00209EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.10 views

MiracleLinux 3 : httpd-2.2.3-53.3.0.1.AXS3 (AXSA:2011-346:03)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-346:03 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2011-3368 The modproxy module in the...

5CVSS7.4AI score0.90734EPSS
Exploits12References2
OSV
OSV
added 2025/12/08 9:31 p.m.3 views

GO-2025-4184 Mattermost Server vulnerable to Denial of Service through `@` character prefix inserted into JavaScript field names in github.com/mattermost/mattermost-server

Mattermost Server vulnerable to Denial of Service through @ character prefix inserted into JavaScript field names in github.com/mattermost/mattermost-server...

7.5CVSS6.8AI score0.01114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/06/19 3:42 a.m.4 views

SUSE CVE-2022-50075

In the Linux kernel, the following vulnerability has been resolved: tracing/eprobes: Have event probes be consistent with kprobes and uprobes Currently, if a symbol "@" is attempted to be used with an event probe eprobes, it will cause a NULL pointer dereference crash. Both kprobes and uprobes ca...

5.5CVSS6.4AI score0.00154EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:50 a.m.9 views

SUSE CVE-2011-4317

The modproxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of 1 RewriteRule and 2 ProxyPassMatch pattern matches for configuration of a reverse proxy, which...

4.3CVSS9.1AI score0.60783EPSS
Exploits3References6
OSV
OSV
added 2020/02/17 7:15 p.m.1 views

UBUNTU-CVE-2015-4715

The fetch function in OAuth/Curl.php in Dropbox-PHP, as used in ownCloud Server before 6.0.8, 7.x before 7.0.6, and 8.x before 8.0.4 when an external Dropbox storage has been mounted, allows remote administrators of Dropbox.com to read arbitrary files via an @ at sign character in unspecified POS...

4.9CVSS5.9AI score0.0144EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2012/05/07 6:16 p.m.8 views

httpd: reverse web proxy vulnerability

The modproxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of 1 RewriteRule and 2 ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to...

5CVSS6.8AI score0.90734EPSS
Exploits12References5
RedHat Linux
RedHat Linux
added 2011/10/20 4:48 p.m.6 views

httpd: reverse web proxy vulnerability

The modproxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of 1 RewriteRule and 2 ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to...

5CVSS6.8AI score0.90734EPSS
Exploits12References5
OSV
OSV
added 2005/02/09 5:0 a.m.4 views

DEBIAN-CVE-2004-0982

Buffer overflow in the getauthfromURL function in httpget.c in mpg123 pre0.59s and mpg123 0.59r could allow remote attackers or local users to execute arbitrary code via an mp3 file that contains a long string before the @ at sign in a URL...

10CVSS8AI score0.06527EPSS
Exploits0References1
Rows per page
Query Builder