26 matches found
EUVD-2026-13267
OpenClaw versions prior to 2026.2.21 contain an improper URL scheme validation vulnerability in the assertBrowserNavigationAllowed function that allows authenticated users with browser-tool access to navigate to file:// URLs. Attackers can exploit this by accessing local files readable by the...
CVE-1999-0203
In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program...
PT-2025-53764
Name of the Vulnerable Software and Affected Versions: affected versions not specified. Description: The software suffers from an open redirect issue, allowing an attacker to redirect users to a malicious website. This occurs due to improper validation of user-supplied URLs. The issue involves...
CVE-2025-13086
Improper validation of source IP addresses in OpenVPN version 2.6.0 through 2.6.15 and 2.7alpha1 through 2.7rc1 allows an attacker to open a session from a different IP address which did not initiate the connection resulting in a denial of service for the originating client...
SolarWinds Observability Self-Hosted input validation error vulnerability
SolarWinds Observability Self-Hosted is an observation platform from SolarWinds USA. SolarWinds Observability Self-Hosted suffers from an input validation error vulnerability that stems from improper URL cleanup, which could lead to an open redirection attack...
EUVD-1999-0203
Malware in sbrugna...
CVE-2025-55114 BMC Control-M/Agent improper IP address filtering order
The improper order of AUTHORIZED_CTM_IP validation in the Control-M/Agent, where the Control-M/Server IP address is validated only after the SSL/TLS handshake is completed, exposes the Control-M/Agent to vulnerabilities in the SSL/TLS implementation under certain non-default conditions e.g...
CVE-2021-25339
Improper address validation in HArx in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to corrupt EL2 memory...
CVE-2021-25416
Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area...
Moderate: Red Hat Security Advisory: python3.9:3.9.21 security update
An update for the python3.9:3.9.21 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
CVE-2023-20566
Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity...
CVE-2023-20566
CVE-2023-20566: Improper address validation in ASP with SNP enabled may potentially compromise guest memory integrity. In SUSE advisories SUSE-SU-2023:4665-1 and SUSE-SU-2023:4664-1, kernel-firmware updates mitigate this alongside other SNP/SMU-related issues by updating AMD ucode to 20231030 and...
mod_auth_openidc: open redirect in oidc_validate_redirect_url()
A flaw was found in mod_auth_openidc where it does not sanitize redirection URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest...
CVE-2021-25415
Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memory as writable...
CVE-2021-25339
The CVE-2021-25339 entry relates to Samsung mobile devices with an improper address validation in HArx. Root cause stated: incorrect address validation can allow memory corruption in EL2 when the kernel is compromised. Affected scope is Samsung mobile devices prior to SMR Mar-2021 Release 1; expl...