14 matches found
CVE-2025-46341
creationtimestamp | type | source
---|---|---
2025-06-04 21:18:13+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqsq64pjlt42
2025-06-04 22:47:40+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lqsv6g2q352s...
CVE-2025-4206
creationtimestamp | type | source
---|---|---
2025-05-09 11:25:04+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/15713
2025-05-09 11:35:06+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3loqdgxev76k2
2025-05-09...
CVE-2024-52597
creationtimestamp | type | source
---|---|---
2024-11-20 14:09:40+00:00 | seen | https://infosec.exchange/users/cve/statuses/113515677629085542
2024-11-20 16:15:10+00:00 | seen | https://t.me/cvedetector/11608...
CVE-2021-3902
creationtimestamp | type | source
---|---|---
2024-11-15 11:09:17+00:00 | seen | https://infosec.exchange/users/cve/statuses/113486656738593782
2024-11-15 13:15:44+00:00 | seen | https://t.me/cvedetector/11068...
CVE-2024-47121
creationtimestamp | type | source
---|---|---
2024-09-26 21:21:25+00:00 | seen | https://t.me/cvedetector/6455
2025-05-02 17:16:47+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/14540...
IBM: SSRF via host header let access localhost via https://go.dialexa.com
The SSRF vulnerability via the host header was reported to IBM, analyzed, and remediated. The external researcher @mersa-v6 discovered this issue...
GHSA-MGWR-H7MV-FH29 Hwameistor Potential Permission Leakage of Cluster Level
Impact What kind of vulnerability is it? Who is impacted? This ClusterRole has verbs of resources. If a malicious user can access the worker node which has hwameistor's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster, resulting in a...
CVE-2023-27604
Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker to pass parameters with the connections, which makes it possible to implement RCE attacks via ‘sqoop import --connect’, obtain airflow server permissions, etc. The attacker needs to be logged...
Open Redirect in OAuth2 Proxy
Impact As users can provide a redirect address for the proxy to send the authenticated user to at the end of the authentication flow. This is expected to be the original URL that the user was trying to access. This redirect URL is checked within the proxy and validated before redirecting the user...
GHSA-F3PG-QWVG-P99C Lenient Parsing of Content-Length Header When Prefixed with Plus Sign
Summary hyper's HTTP/1 server code had a flaw that incorrectly parses and accepts requests with a Content-Length header with a prefixed plus sign, when it should have been rejected as illegal. This combined with an upstream HTTP proxy that doesn't parse such Content-Length headers, but forwards...
CVE-2019-18244
In OSIsoft PI System multiple products and versions, a local attacker could view sensitive information in log files when service accounts are customized during installation or upgrade of PI Vision. The update fixes a previously reported issue...
change fontset 'icons' to html entities to improve security compliance
It seems that the icons in Confluence are currently rendered using fontset. This can be an issue for organizations, especially banks, that have strict security constraints: fontset cannot be downloaded, and as a result this will not render on the customer instance. I would recommend that we change the current...
CVE-2018-4821
...
CVE-2026-21745
CVE-2026-21745 entry is rejected/not used and does not represent an active vulnerability.