Lucene search
K

4 matches found

NVD
NVD
added 2026/05/19 12:16 p.m.32 views

CVE-2026-7504

A flaw was found in Keycloak's URL validation logic during redirect operations. By crafting a malicious request, an attacker could bypass validation to redirect users to unauthorized URLs, potentially leading to the exposure of sensitive information within the domain or facilitating further...

8.1CVSS0.005EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/05/19 11:1 a.m.8 views

CVE-2026-7504 Org.keycloak/keycloak-services: open redirect when using wildcard valid redirect uris in keycloak

A flaw was found in Keycloak's URL validation logic during redirect operations. By crafting a malicious request, an attacker could bypass validation to redirect users to unauthorized URLs, potentially leading to the exposure of sensitive information within the domain or facilitating further...

8.1CVSS5.7AI score0.005EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:23 a.m.1 views

SUSE CVE-2022-41966

XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service only via manipulation the processed input stream. The attack uses the hash code implementation for...

7.5CVSS7.1AI score0.08689EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2011/02/11 12:44 a.m.7 views

JDK Double.parseDouble Denial-Of-Service

The Double.parseDouble method in Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a...

5CVSS6.1AI score0.2349EPSS
Exploits1References4
Rows per page
Query Builder