419 matches found
CVE-2025-58405 Lack of protection mechanisms against Clickjacking attacks
The CGM CLININET application does not implement any mechanisms that prevent clickjacking attacks, neither HTTP security headers nor HTML-based frame‑busting protections were detected. As a result, an attacker can embed the application inside a maliciously crafted IFRAME and trick users into...
CVE-2025-58405
The CVE-2025-58405 entry concerns the CGM CLININET application, where the component does not implement any mechanisms to prevent clickjacking. The Red Hat RH CVEs likewise describe the same issue. Technical details indicate a lack of HTTP security headers or frame-busting protections, enabling em...
CGM CLININET 安全漏洞
CGM CLININET is a hospital information management system developed by the German company CGM. CGM CLININET has a security vulnerability, which stems from the absence of necessary security HTTP headers in responses. This vulnerability may lead to client-side attacks such as clickjacking, MIME...
PT-2026-22578
Name of the Vulnerable Software and Affected Versions CGM CLININET affected versions not specified Description The CGM CLININET application lacks defenses against clickjacking attacks. Specifically, it does not utilize HTTP security headers or HTML-based frame-busting protections. This allows an...
cipher-xbow-benchmark
Cipher XBOW Benchmark Results Black-box assessment results fr...
CVE-2026-1696
Some HTTP security headers are not properly set by the web server when sending responses to the client application...
EUVD-2026-8840
Some HTTP security headers are not properly set by the web server when sending responses to the client application...
CVE-2026-1696
Some HTTP security headers are not properly set by the web server when sending responses to the client application...
CVE-2026-1696
Some HTTP security headers are not properly set by the web server when sending responses to the client application...
CVE-2026-1696
Some HTTP security headers are not properly set by the web server when sending responses to the client application...
CVE-2026-1696 Missing security HTTP headers
Some HTTP security headers are not properly set by the web server when sending responses to the client application...
CVE-2026-1696 Missing security HTTP headers
Some HTTP security headers are not properly set by the web server when sending responses to the client application...
CVE-2026-1696
CVE-2026-1696 describes a vulnerability where HTTP security headers are not properly set by the web server in responses to client applications. Affected component is the web server’s handling of security headers; root cause is misconfiguration or omission of headers in responses. Impact is descri...
PT-2026-22128
Name of the Vulnerable Software and Affected Versions Web Server affected versions not specified Description The web server is not properly setting certain HTTP security headers in its responses to client applications. This could potentially expose the system to various attacks. Approximately...
PcVue 安全漏洞
PcVue is a reliable, secure, and powerful operational software platform developed by PcVue Corporation. It is specifically designed for monitoring and controlling applications in markets such as building management and park management. PcVue has a security vulnerability that stems from incorrect...
CVE-2026-25642 HedgeDoc security headers for uploaded files were not working
HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.6, files served below the /uploads/ endpoint did not use a more strict security-policy. This resulted in a too open Content-Security-Policy and furthermore opened the possibility to host malicious...
CVE-2025-55249
HCL AION is affected by a Missing Security Response Headers vulnerability. The absence of standard security headers may weaken the application’s overall security posture and increase its susceptibility to common web-based attacks...
CVE-2025-55249
HCL AION is affected by a Missing Security Response Headers vulnerability. The absence of standard security headers may weaken the application’s overall security posture and increase its susceptibility to common web-based attacks...
CVE-2025-55249
HCL AION is affected by a Missing Security Response Headers vulnerability. The absence of standard security headers may weaken the application’s overall security posture and increase its susceptibility to common web-based attacks...
CVE-2025-55249 HCL AION is affected by a Missing Security Response Headers vulnerability.
HCL AION is affected by a Missing Security Response Headers vulnerability. The absence of standard security headers may weaken the application’s overall security posture and increase its susceptibility to common web-based attacks...