Lucene search
K

365 matches found

OSV
OSV
added 2025/11/18 12:1 p.m.9 views

CLSA-2025-1763467263 Fix CVE(s): CVE-2025-62168

SECURITY UPDATE: information disclosure via HTTP authentication credentials - debian/patches/CVE-2025-62168.patch: Fix bug causing visibility of proxy auth data to scripts by redacting credentials from error page code expansion output and mailto link generation - CVE-2025-62168...

10CVSS7.3AI score0.62871EPSS
Exploits1References1
OSV
OSV
added 2025/11/13 8:26 p.m.6 views

CVE-2025-64745 Astro development server error page vulnerable to reflected Cross-site Scripting

Astro is a web framework. Starting in version 5.2.0 and prior to version 5.15.6, a Reflected Cross-Site Scripting XSS vulnerability exists in Astro's development server error pages when the trailingSlash configuration option is used. An attacker can inject arbitrary JavaScript code that executes ...

2.7CVSS5.9AI score0.00239EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/11/13 8:26 p.m.5 views

CVE-2025-64745 Astro development server error page vulnerable to reflected Cross-site Scripting

Astro is a web framework. Starting in version 5.2.0 and prior to version 5.15.6, a Reflected Cross-Site Scripting XSS vulnerability exists in Astro's development server error pages when the trailingSlash configuration option is used. An attacker can inject arbitrary JavaScript code that executes ...

2.7CVSS5.5AI score0.00239EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2025/11/07 12:3 p.m.4 views

keycloak: Keycloak error_description injection on error pages

A flaw was found in Keycloak. Keycloak’s account console and other pages accept arbitrary text in the errordescription query parameter. This text is directly rendered in error pages without validation or sanitization. While HTML encoding prevents XSS, an attacker can craft URLs with misleading...

4.3CVSS5.8AI score0.00291EPSS
Exploits0References5
OSV
OSV
added 2025/10/29 10:15 p.m.5 views

CVE-2025-61959

Prior to September 19, 2025, the Hospital Manager Backend Services returned verbose ASP.NET error pages for invalid WebResource.axd requests, disclosing framework and ASP.NET version information, stack traces, internal paths, and the insecure configuration 'customErrors mode="Off"', which could...

6.9CVSS5.8AI score0.00249EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/29 9:54 p.m.8 views

CVE-2025-61959 Vertikal Systems Hospital Manager Backend Services Generation of Error Message Containing Sensitive Information

Prior to September 19, 2025, the Hospital Manager Backend Services returned verbose ASP.NET error pages for invalid WebResource.axd requests, disclosing framework and ASP.NET version information, stack traces, internal paths, and the insecure configuration 'customErrors mode="Off"', which could...

6.9CVSS0.00249EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/29 9:54 p.m.2 views

CVE-2025-61959 Vertikal Systems Hospital Manager Backend Services Generation of Error Message Containing Sensitive Information

Prior to September 19, 2025, the Hospital Manager Backend Services returned verbose ASP.NET error pages for invalid WebResource.axd requests, disclosing framework and ASP.NET version information, stack traces, internal paths, and the insecure configuration 'customErrors mode="Off"', which could...

6.9CVSS6.6AI score0.00249EPSS
Exploits0References2
OSV
OSV
added 2025/10/17 5:39 p.m.2 views

GHSA-27GC-WJ6X-9W55 Keycloak error_description injection on error pages that can trigger phishing attacks

Keycloak’s account console accepts arbitrary text in the errordescription query parameter. This text is directly rendered in error pages without validation or sanitization. While HTML encoding prevents XSS, an attacker can craft URLs with misleading messages e.g., fake support phone numbers or...

4.3CVSS5.9AI score0.00291EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-12578

Malware in sbrugna...

4.3CVSS4.8AI score0.00994EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-0414

Malware in sbrugna...

5CVSS6.4AI score0.01653EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-26188

Malware in sbrugna...

4.3CVSS4.8AI score0.00704EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2005-3423

Malware in sbrugna...

4.3CVSS6.1AI score0.01437EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-10880

Malware in sbrugna...

6.1CVSS7.7AI score0.00567EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-3144

Malware in sbrugna...

4.3CVSS4.8AI score0.00946EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-4271

Malware in sbrugna...

6.1CVSS6.3AI score0.00692EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-14270

Malware in sbrugna...

4.7CVSS4.9AI score0.01165EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-17836

Malware in sbrugna...

6.1CVSS6.1AI score0.012EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2016-6887

Malware in sbrugna...

4.3CVSS4.6AI score0.00842EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-14300

Malware in sbrugna...

6.1CVSS6.3AI score0.00679EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2016-7151

Malware in sbrugna...

7.5CVSS7.6AI score0.04929EPSS
Exploits0References3
Rows per page
Query Builder