CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

419 matches found

OSV•added 2026/03/18 8:7 p.m.•1 views

GHSA-P7M9-V2CM-2H7M HAPI FHIR HTTP authentication leak in redirects

Impact When setting headers in HTTP requests, the internal HTTP client sends headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the Location: response header value. Sending the same set of...

9.8CVSS5.8AI score0.00046EPSS

Exploits0References3

Vulnrichment•added 2026/03/11 10:8 a.m.•1 views

CVE-2026-1965 bad reuse of HTTP Negotiate connection

libcurl can in some circumstances reuse the wrong connection when asked to do an Negotiate-authenticated HTTP or HTTPS request. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of...

5.8AI score0.00073EPSS

Exploits0References2

AlpineLinux•added 2026/03/11 10:8 a.m.•5 views

CVE-2026-1965

6.5CVSS5.8AI score0.00073EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 10:6 a.m.•5 views

CVE-2019-20138

The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the default algorithm for libsodium's cryptopwhashstr is not used...

7.5CVSS7.2AI score0.00171EPSS

Exploits0References1

SUSE Linux•added 2025/11/14 8:23 a.m.•3 views

Security update for squid

This update for squid fixes the following issues: CVE-2025-62168: Fixed failure to redact HTTP authentication credentials in error handling leading to information disclosure bsc1252281 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

8.6CVSS6.7AI score0.16244EPSS

Exploits1References4

OSV•added 2025/11/13 3:52 p.m.•2 views

CLSA-2025-1763024537 squid: Fix of CVE-2025-62168

CVE-2025-62168: fix failure to redact HTTP authentication credentials in error handling to prevent information disclosure...

10CVSS7.3AI score0.16244EPSS

Exploits1References1

Tenable Nessus•added 2025/10/29 12:0 a.m.•1 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : Squid vulnerability (USN-7845-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7845-1 advisory. Leonardo Giovannini discovered that Squid failed to redact HTTP Authentication credentials in a...

10CVSS5.6AI score0.16244EPSS

Exploits1References2