Lucene search
K

419 matches found

Cvelist
Cvelist
added 2026/03/02 11:16 a.m.21 views

CVE-2025-58405 Lack of protection mechanisms against Clickjacking attacks

The CGM CLININET application does not implement any mechanisms that prevent clickjacking attacks, neither HTTP security headers nor HTML-based frame‑busting protections were detected. As a result, an attacker can embed the application inside a maliciously crafted IFRAME and trick users into...

5.3CVSS0.00172EPSS
Exploits0References2
CVE
CVE
added 2026/03/02 11:16 a.m.14 views

CVE-2025-58405

The CVE-2025-58405 entry concerns the CGM CLININET application, where the component does not implement any mechanisms to prevent clickjacking. The Red Hat RH CVEs likewise describe the same issue. Technical details indicate a lack of HTTP security headers or frame-busting protections, enabling em...

6.1CVSS5.9AI score0.00172EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/03/02 12:0 a.m.5 views

CGM CLININET 安全漏洞

CGM CLININET is a hospital information management system developed by the German company CGM. CGM CLININET has a security vulnerability, which stems from the absence of necessary security HTTP headers in responses. This vulnerability may lead to client-side attacks such as clickjacking, MIME...

5.3CVSS5.8AI score0.00184EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.5 views

PT-2026-22578

Name of the Vulnerable Software and Affected Versions CGM CLININET affected versions not specified Description The CGM CLININET application lacks defenses against clickjacking attacks. Specifically, it does not utilize HTTP security headers or HTML-based frame-busting protections. This allows an...

8.8CVSS5.8AI score0.00186EPSS
Exploits0References8
GithubExploit
GithubExploit
added 2026/02/27 10:24 p.m.491 views

cipher-xbow-benchmark

Cipher XBOW Benchmark Results Black-box assessment results fr...

6.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/27 10:14 a.m.7 views

CVE-2026-1696

Some HTTP security headers are not properly set by the web server when sending responses to the client application...

6.1CVSS5.9AI score0.00143EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/26 9:30 a.m.7 views

EUVD-2026-8840

Some HTTP security headers are not properly set by the web server when sending responses to the client application...

2.3CVSS5.4AI score0.00143EPSS
Exploits0References2
OSV
OSV
added 2026/02/26 8:16 a.m.4 views

CVE-2026-1696

Some HTTP security headers are not properly set by the web server when sending responses to the client application...

6.1CVSS5.8AI score0.00143EPSS
Exploits0References1
NVD
NVD
added 2026/02/26 8:16 a.m.8 views

CVE-2026-1696

Some HTTP security headers are not properly set by the web server when sending responses to the client application...

6.1CVSS0.00143EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/26 7:57 a.m.5 views

CVE-2026-1696

Some HTTP security headers are not properly set by the web server when sending responses to the client application...

6.1CVSS5.4AI score0.00143EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/26 7:57 a.m.4 views

CVE-2026-1696 Missing security HTTP headers

Some HTTP security headers are not properly set by the web server when sending responses to the client application...

2.3CVSS5.3AI score0.00143EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/26 7:57 a.m.27 views

CVE-2026-1696 Missing security HTTP headers

Some HTTP security headers are not properly set by the web server when sending responses to the client application...

2.3CVSS0.00143EPSS
Exploits0References1
CVE
CVE
added 2026/02/26 7:57 a.m.15 views

CVE-2026-1696

CVE-2026-1696 describes a vulnerability where HTTP security headers are not properly set by the web server in responses to client applications. Affected component is the web server’s handling of security headers; root cause is misconfiguration or omission of headers in responses. Impact is descri...

6.1CVSS5.4AI score0.00143EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.6 views

PT-2026-22128

Name of the Vulnerable Software and Affected Versions Web Server affected versions not specified Description The web server is not properly setting certain HTTP security headers in its responses to client applications. This could potentially expose the system to various attacks. Approximately...

6.1CVSS5.8AI score0.00143EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/02/26 12:0 a.m.9 views

PcVue 安全漏洞

PcVue is a reliable, secure, and powerful operational software platform developed by PcVue Corporation. It is specifically designed for monitoring and controlling applications in markets such as building management and park management. PcVue has a security vulnerability that stems from incorrect...

6.1CVSS5.8AI score0.00143EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/06 7:23 p.m.4 views

CVE-2026-25642 HedgeDoc security headers for uploaded files were not working

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.6, files served below the /uploads/ endpoint did not use a more strict security-policy. This resulted in a too open Content-Security-Policy and furthermore opened the possibility to host malicious...

4.3CVSS5.4AI score0.00194EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/20 6:18 p.m.5 views

CVE-2025-55249

HCL AION is affected by a Missing Security Response Headers vulnerability. The absence of standard security headers may weaken the application’s overall security posture and increase its susceptibility to common web-based attacks...

5.3CVSS5.4AI score0.00169EPSS
Exploits0References1
OSV
OSV
added 2026/01/19 6:16 p.m.3 views

CVE-2025-55249

HCL AION is affected by a Missing Security Response Headers vulnerability. The absence of standard security headers may weaken the application’s overall security posture and increase its susceptibility to common web-based attacks...

5.3CVSS5.8AI score0.00169EPSS
Exploits0References1
NVD
NVD
added 2026/01/19 6:16 p.m.7 views

CVE-2025-55249

HCL AION is affected by a Missing Security Response Headers vulnerability. The absence of standard security headers may weaken the application’s overall security posture and increase its susceptibility to common web-based attacks...

5.3CVSS0.00169EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/19 6:1 p.m.4 views

CVE-2025-55249 HCL AION is affected by a Missing Security Response Headers vulnerability.

HCL AION is affected by a Missing Security Response Headers vulnerability. The absence of standard security headers may weaken the application’s overall security posture and increase its susceptibility to common web-based attacks...

3.5CVSS5.4AI score0.00169EPSS
Exploits0References1
Rows per page
Query Builder