Lucene search
K

12 matches found

CNNVD
CNNVD
added 2026/06/10 12:0 a.m.12 views

Splunk Enterprise 输入验证错误漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. There is an input validation...

5.7CVSS5.8AI score0.00252EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/02 10:22 p.m.7 views

Open Redirect

Overview Affected versions of this package are vulnerable to Open Redirect when certain URLs with path values starting with // are processed. An attacker can redirect users to external domains by supplying specially crafted protocol-relative URLs. Note: Users that utilise Declarative Mode are not...

8.7CVSS5.9AI score0.00162EPSS
Exploits0References2
CVE
CVE
added 2026/05/08 1:6 p.m.32 views

CVE-2026-41423

Summary: CVE-2026-41423 corresponds to an SSRF vulnerability in @angular/platform-server during SSR, where URL handling can cause the server to treat the attacker’s domain as the local origin. This occurs when a crafted request (e.g., GET /evil.com/ HTTP/1.1) is passed to Angular’s rendering func...

8.7CVSS5.8AI score0.00304EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/08 12:51 a.m.2 views

CVE-2026-21879 Kanboard vulnerable to Open Redirect via protocol-relative URLs

Kanboard is project management software focused on Kanban methodology. Versions 1.2.48 and below are vulnerable to an Open Redirect attack that allows malicious actors to redirect authenticated users to attacker-controlled websites. By crafting URLs such as //evil.com, attackers can bypass the...

4.7CVSS6.2AI score0.0026EPSS
Exploits2References3
OSV
OSV
added 2024/08/12 1:38 p.m.2 views

DEBIAN-CVE-2024-39338

axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs...

7.5CVSS6.2AI score0.01414EPSS
Exploits1References1
OSV
OSV
added 2023/12/01 11:6 a.m.4 views

OESA-2023-1884 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

4.7CVSS7.2AI score0.00749EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2023/11/27 4:30 p.m.5 views

Mozilla: Incorrect parsing of relative URLs starting with "///"

The Mozilla Foundation Security Advisory describes this flaw as: Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal "/../" part in the path could be used to override the specified host. This could contribute to security problems in web sites...

6.5CVSS7.3AI score0.01406EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/11/27 3:52 p.m.4 views

Mozilla: Incorrect parsing of relative URLs starting with "///"

The Mozilla Foundation Security Advisory describes this flaw as: Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal "/../" part in the path could be used to override the specified host. This could contribute to security problems in web sites...

6.5CVSS7.3AI score0.01406EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/11/21 2:19 a.m.1 views

SUSE CVE-2023-48235

Vim is an open source command line text editor. When parsing relative ex addresses one may unintentionally cause an overflow. Ironically this happens in the existing overflow check, because the line number becomes negative and LONGMAX - lnum will cause the overflow. Impact is low, user interactio...

2.8CVSS7.3AI score0.00749EPSS
Exploits0References6
OSV
OSV
added 2023/11/16 11:15 p.m.1 views

DEBIAN-CVE-2023-48235

Vim is an open source command line text editor. When parsing relative ex addresses one may unintentionally cause an overflow. Ironically this happens in the existing overflow check, because the line number becomes negative and LONGMAX - lnum will cause the overflow. Impact is low, user interactio...

4.3CVSS6.3AI score0.00749EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/11/16 12:0 a.m.2 views

Vim Input Validation Error Vulnerability

Vim is a cross-platform text editor. An input validation error vulnerability exists in versions prior to Vim v9.0.2110, which stems from an overflow that can be inadvertently caused when parsing relative ex addresses...

4.3CVSS7AI score0.00749EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2008/07/02 12:48 p.m.3 views

Firefox arbitrary signed JAR code execution

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via 1 injection of JavaScript into documents within a JAR archive or 2 a JAR archive that uses relative URLs to JavaScript files...

7.5CVSS6.2AI score0.0281EPSS
Exploits1References4
Rows per page
Query Builder