189 matches found
CVE-2026-7504
A flaw was found in Keycloak's URL validation logic during redirect operations. By crafting a malicious request, an attacker could bypass validation to redirect users to unauthorized URLs, potentially leading to the exposure of sensitive information within the domain or facilitating further...
CLSA-2026-1774622460 squid: Fix of 3 CVEs
CVE-2025-59362: fix ASN.1 encoding of long SNMP OIDs - CVE-2026-33526: do not escape malformed URI twice when sending ICP errors - CVE-2026-33515: fix validation of ICP packet sizes and URLs...
CVE-2019-25571 MediaMonkey 4.1.23 Denial of Service via Malformed URL
MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by opening a specially crafted MP3 file containing an excessively long URL string. Attackers can create a malicious MP3 file with a buffer containing 4000 bytes of data appended to a...
MiracleLinux 7 : [security - medium] qt5 (AXSA:2019-4200:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4200:01 advisory. qt5-qtbase: Double free in QXmlStreamReader CVE-2018-15518 qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service...
CVE-2022-31093
NextAuth.js is a complete open source authentication solution for Next.js applications. In affected versions an attacker can send a request to an app using NextAuth.js with an invalid callbackUrl query parameter, which internally is converted to a URL object. The URL instantiation would fail due ...
CVE-2025-53533 Pi-hole Admin Interface vulnerable to cross-site scripting via malformed URL path on 404 error page
Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tracker blocking application. Pi-hole Admin Interface versions 6.2.1 and earlier are vulnerable to reflected cross-site scripting XSS via a malformed URL path. The 404 error page includes t...
CVE-2025-53533 Pi-hole Admin Interface vulnerable to cross-site scripting via malformed URL path on 404 error page
Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tracker blocking application. Pi-hole Admin Interface versions 6.2.1 and earlier are vulnerable to reflected cross-site scripting XSS via a malformed URL path. The 404 error page includes t...
CVE-2025-58084
Mattermost Desktop App versions = 5.13.0 fail to validate URLs external to the configured Mattermost servers, allowing an attacker on a server the user has configured to crash the user's application by sending the user a malformed URL...
CVE-2025-58084
Mattermost Desktop App up to version 5.13.0 is affected. The issue is due to improper validation of URLs external to configured Mattermost servers, allowing a malicious server to crash the user’s application by sending a malformed external URL. Affected product: Mattermost Desktop App (versions
EUVD-2015-3791
Malware in sbrugna...
EUVD-2000-0777
Malware in sbrugna...
EUVD-2002-0492
Malware in sbrugna...
EUVD-2003-1210
Malware in sbrugna...
EUVD-2006-5018
Malware in sbrugna...
EUVD-1999-0866
Malware in sbrugna...
EUVD-2000-0063
Malware in sbrugna...
EUVD-2004-2373
Malware in sbrugna...
EUVD-2010-2814
Malware in sbrugna...
EUVD-2000-0046
Malware in sbrugna...
EUVD-2003-1022
Malware in sbrugna...