26 matches found

EUVD
added 2026/03/19 10:6 p.m., 25 views

EUVD-2026-13267

OpenClaw versions prior to 2026.2.21 contain an improper URL scheme validation vulnerability in the assertBrowserNavigationAllowed function that allows authenticated users with browser-tool access to navigate to file:// URLs. Attackers can exploit this by accessing local files readable by the...

CVSS 7.1 | AI score 5.8 | EPSS 0.00403
Exploits 1 | References 3
RedhatCVE
added 2026/01/07 9:41 a.m., 9 views

CVE-1999-0203

In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program...

CVSS 10 | AI score 7.1 | EPSS 0.02084
Exploits 0 | References 1
Positive Technologies
added 2025/12/29 12:0 a.m., 4 views

PT-2025-53764

Name of the Vulnerable Software and Affected Versions: affected versions not specified. Description: The software suffers from an open redirect issue, allowing an attacker to redirect users to a malicious website. This occurs due to improper validation of user-supplied URLs. The issue involves...

CVSS 6.1 | AI score 6.3 | EPSS 0.00144
Exploits 0 | References 5
AlpineLinux
added 2025/12/03 7:54 p.m., 4 views

CVE-2025-13086

Improper validation of source IP addresses in OpenVPN version 2.6.0 through 2.6.15 and 2.7alpha1 through 2.7rc1 allows an attacker to open a session from a different IP address which did not initiate the connection resulting in a denial of service for the originating client...

CVSS 8.2 | AI score 7.7 | EPSS 0.0061
Exploits 0
CNNVD
added 2025/11/18 12:0 a.m., 4 views

SolarWinds Observability Self-Hosted input validation error vulnerability

SolarWinds Observability Self-Hosted is an observability platform from SolarWinds (USA). It suffers from an input validation error vulnerability that stems from improper URL sanitization, which could lead to an open redirect attack...

CVSS 4.8 | AI score 6.7 | EPSS 0.00217
Exploits 0 | References 2
EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-1999-0203

Malware in sbrugna...

CVSS 10 | AI score 6.4 | EPSS 0.02084
Exploits 0 | References 2
Cvelist
added 2025/09/16 12:20 p.m., 7 views

CVE-2025-55114 BMC Control-M/Agent improper IP address filtering order

The improper order of AUTHORIZEDCTMIP validation in the Control-M/Agent, where the Control-M/Server IP address is validated only after the SSL/TLS handshake is completed, exposes the Control-M/Agent to vulnerabilities in the SSL/TLS implementation under certain non-default conditions e.g...

CVSS 6.9 | EPSS 0.00362
Exploits 0 | References 2
RedhatCVE
added 2025/05/22 9:38 p.m., 6 views

CVE-2021-25339

Improper address validation in HArx in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to corrupt EL2 memory...

CVSS 5.2 | AI score 6.8 | EPSS 0.00115
Exploits 0 | References 1
RedhatCVE
added 2025/05/22 6:25 p.m., 7 views

CVE-2021-25416

Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area...

CVSS 6.5 | AI score 6.7 | EPSS 0.00121
Exploits 0 | References 1
RedHat Linux
added 2024/12/12 9:23 a.m., 27 views

Moderate: Red Hat Security Advisory: python3.9:3.9.21 security update

An update for the python3.9:3.9.21 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 7.8 | AI score 6.7 | EPSS 0.02303
Exploits 1 | References 3
OSV
added 2023/11/14 7:15 p.m., 1 views

CVE-2023-20566

Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity...

CVSS 7.5 | AI score 5.8 | EPSS 0.00367
Exploits 0 | References 1
Cvelist
added 2023/11/14 6:54 p.m., 18 views

CVE-2023-20566

Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity...

CVSS 5.3 | AI score 8.7 | EPSS 0.00367
Exploits 0 | References 1
CVE
added 2023/11/14 6:54 p.m., 62 views

CVE-2023-20566

CVE-2023-20566: Improper address validation in ASP with SNP enabled may potentially compromise guest memory integrity. In SUSE advisories SUSE-SU-2023:4665-1 and SUSE-SU-2023:4664-1, kernel-firmware updates mitigate this alongside other SNP/SMU-related issues by updating AMD ucode to 20231030 and...

CVSS 7.5 | AI score 7.1 | EPSS 0.00367
Exploits 0 | References 1 | Affected Software 1
RedHat Linux
added 2022/05/10 1:36 p.m., 4 views

mod_auth_openidc: open redirect in oidc_validate_redirect_url()

A flaw was found in mod_auth_openidc where it does not sanitize redirection URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest...

CVSS 6.1 | AI score 7.2 | EPSS 0.02364
Exploits 1 | References 5
NVD
added 2021/06/11 3:15 p.m., 10 views

CVE-2021-25415

Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memory as writable...

CVSS 5.5 | EPSS 0.00149
Exploits 0 | References 1
Cvelist
added 2021/06/11 2:33 p.m., 13 views

CVE-2021-25415

Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memory as writable...

AI score 5.6 | EPSS 0.00149
Exploits 0 | References 1
Cvelist
added 2021/06/11 2:33 p.m., 17 views

CVE-2021-25416

Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area...

AI score 6.5 | EPSS 0.00121
Exploits 0 | References 1
OSV
added 2021/03/04 9:15 p.m., 5 views

CVE-2021-25339

Improper address validation in HArx in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to corrupt EL2 memory...

CVSS 5.2 | AI score 6 | EPSS 0.00115
Exploits 0 | References 2
Cvelist
added 2021/03/04 9:0 p.m., 19 views

CVE-2021-25339

Improper address validation in HArx in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to corrupt EL2 memory...

CVSS 4.4 | AI score 5.5 | EPSS 0.00115
Exploits 0 | References 2
CVE
added 2021/03/04 9:0 p.m., 58 views

CVE-2021-25339

The CVE-2021-25339 entry relates to Samsung mobile devices with an improper address validation in HArx. Root cause stated: incorrect address validation can allow memory corruption in EL2 when the kernel is compromised. Affected scope is Samsung mobile devices prior to SMR Mar-2021 Release 1; expl...

CVSS 5.2 | AI score 5.2 | EPSS 0.00115
Exploits 0 | References 2 | Affected Software 1