Out of bounds read for cookie path
A cookie is set using the secure keyword for https://target. curl is redirected to or otherwise made to speak with http://target (same hostname, but using clear text HTTP) using the same cookie set. The same cookie name is set - but with just a slash as path (path="/"). Since this site is not secure,...
CVE-2025-9086 Out of bounds read for cookie path
1. A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to speak with http://target (same hostname, but using clear text HTTP) using the same cookie set 3. The same cookie name is set - but with just a slash as path (path="/"). Since this site is not...
Out of bounds read for cookie path
1. A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to speak with http://target (same hostname, but using clear text HTTP) using the same cookie set 3. The same cookie name is set - but with only a slash as path (path="/"). Since this site is not...
UBUNTU-CVE-2025-9086
1. A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to speak with http://target (same hostname, but using clear text HTTP) using the same cookie set 3. The same cookie name is set - but with just a slash as path (path="/"). Since this site is not...
FreeBSD : Mozilla -- redirection to insecure site (f02e3c59-116c-11f0-8b2c-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f02e3c59-116c-11f0-8b2c-b42e991fc52e advisory. [email protected] reports: When using Alt-Svc, ALPN did not properly validate certificates when the...
firefox: Alt-Svc ALPN validation failure when redirected
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site...
CVE-2025-0239
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site...
CVE-2025-0239
When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site. This vulnerability was fixed in Firefox 134, Firefox ESR 128.6, Thunderbird 134, and Thunderbird 128.6...
CVE-2025-0239 Alt-Svc ALPN validation failure when redirected
When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site. This vulnerability was fixed in Firefox 134, Firefox ESR 128.6, Thunderbird 134, and Thunderbird 128.6...
CVE-2025-0239
CVE-2025-0239 affects Mozilla Firefox and Thunderbird components via Alt-Svc with ALPN: certificates were not properly validated when the original server redirects to an insecure site. Affected versions are Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird
Mozilla -- redirection to insecure site
[email protected] reports: When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site...
The vulnerability in the web interface of the PAN-OS operating system of the Palo Alto Networks Panorama network switch management system allows an attacker to carry out cross-site scripting attacks.
The vulnerability of the PAN-OS operating system’s web interface in the Palo Alto Networks Panorama network switch management system is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site attacks remote...
The vulnerability of the Ad Hoc Transfer module of the WS_FTP Server allows attackers to carry out cross-site scripting attacks.
The vulnerability of the Ad Hoc Transfer module of the WS_FTP Server is related to the lack of security measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability in the web interface for controlling Siemens SCALANCE industrial switches allows a hacker to execute arbitrary code.
The vulnerability of the web interface for controlling Siemens SCALANCE microprogrammable industrial controllers exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
SUSE CVE-2011-3388
Opera before 11.51 allows remote attackers to cause an insecure site to appear secure or trusted via unspecified actions related to Extended Validation and loading content from trusted sources in an unspecified sequence that causes the address field and page information dialog to contain security...
The vulnerability of the Fortinet FortiManager software and FortiAnalyzer network switch, related to the lack of security measures for the website structure, allows attackers to execute cross-site scripting attacks.
The vulnerability of the Fortinet FortiManager device management software and the FortiAnalyzer network monitoring software is related to the lack of security measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform domain-level attacks by sending...
CVE-2020-26103
CVE-2020-26103 affects cPanel prior to 88.0.3, where an insecure site password is used for Mailman on a templated VM. Root cause is insecure credential handling for Mailman. Impact is limited to exposure/misuse of the Mailman credential as described in the vulnerability, with no additional explo...
The vulnerability of the mod_rewrite function in the Apache Tomcat application server allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the mod_rewrite function in the Apache Tomcat application server is related to the redirection of URLs to insecure websites. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...