18 matches found

Positive Technologies
added 2026/03/18 12:0 a.m. · 3 views

PT-2026-26206

Name of the Vulnerable Software and Affected Versions: HAPI FHIR versions prior to 6.9.0 Description: HAPI FHIR, a Java implementation of the HL7 FHIR standard, is affected by an issue where HTTP headers, potentially containing privacy-sensitive information, are sent to both the initial host and an...

CVSS 7.5 · AI score 5.5 · EPSS 0.00264
Exploits 0 · References 9

RedhatCVE
added 2026/01/09 9:18 a.m. · 6 views

CVE-2025-61782

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.3, an open redirect vulnerability exists in the OpenCTI platform's SAML authentication endpoint /auth/saml/callback. By manipulating the RelayState parameter, an attacker can...

CVSS 5.4 · AI score 7 · EPSS 0.0022
Exploits 0 · References 1

EUVD
added 2026/01/07 5:28 p.m. · 7 views

EUVD-2025-206265

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.3, an open redirect vulnerability exists in the OpenCTI platform's SAML authentication endpoint /auth/saml/callback. By manipulating the RelayState parameter, an attacker can...

CVSS 5.4 · AI score 6.5 · EPSS 0.0022
Exploits 0 · References 3

Cvelist
added 2026/01/07 5:28 p.m. · 23 views

CVE-2025-61782 Open Redirect in OpenCTI's SAML Authentication Flow

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.3, an open redirect vulnerability exists in the OpenCTI platform's SAML authentication endpoint /auth/saml/callback. By manipulating the RelayState parameter, an attacker can...

CVSS 5.4 · EPSS 0.0022
Exploits 0 · References 3

Vulnrichment
added 2026/01/07 5:28 p.m. · 6 views

CVE-2025-61782 Open Redirect in OpenCTI's SAML Authentication Flow

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.3, an open redirect vulnerability exists in the OpenCTI platform's SAML authentication endpoint /auth/saml/callback. By manipulating the RelayState parameter, an attacker can...

CVSS 5.4 · AI score 6.7 · EPSS 0.0022
Exploits 0 · References 3

Positive Technologies
added 2026/01/07 12:0 a.m. · 11 views

PT-2026-1834

Name of the Vulnerable Software and Affected Versions: OpenCTI versions prior to 6.8.3 Description: OpenCTI is a platform for managing cyber threat intelligence knowledge. A flaw exists in the SAML authentication endpoint /auth/saml/callback that allows for open redirection. Manipulating the...

CVSS 6.1 · AI score 6.6 · EPSS 0.0022
Exploits 0 · References 8

RedhatCVE
added 2025/10/29 8:11 p.m. · 4 views

CVE-2025-62368

Taiga is an open source project management platform. In versions 6.8.3 and earlier, a remote code execution vulnerability exists in the Taiga API due to unsafe deserialization of untrusted data. This issue is fixed in version 6.9.0...

CVSS 9 · AI score 8 · EPSS 0.01405
Exploits 2 · References 1

NVD
added 2025/10/28 9:15 p.m. · 3 views

CVE-2025-62368

Taiga is an open source project management platform. In versions 6.8.3 and earlier, a remote code execution vulnerability exists in the Taiga API due to unsafe deserialization of untrusted data. This issue is fixed in version 6.9.0...

CVSS 9 · EPSS 0.01405
Exploits 2 · References 1

EUVD
added 2025/10/28 8:8 p.m. · 4 views

EUVD-2025-36562

Taiga is an open source project management platform. In versions 6.8.3 and earlier, a remote code execution vulnerability exists in the Taiga API due to unsafe deserialization of untrusted data. This issue is fixed in version 6.9.0...

CVSS 9 · AI score 7.5 · EPSS 0.01405
Exploits 2 · References 1

Vulnrichment
added 2025/10/28 8:8 p.m. · 2 views

CVE-2025-62368 Taiga Authenticated Remote Code Execution

Taiga is an open source project management platform. In versions 6.8.3 and earlier, a remote code execution vulnerability exists in the Taiga API due to unsafe deserialization of untrusted data. This issue is fixed in version 6.9.0...

CVSS 9 · AI score 7.6 · EPSS 0.01405
Exploits 2 · References 1

CVE
added 2025/10/28 8:8 p.m. · 26 views

CVE-2025-62368

Taiga CVE-2025-62368 affects Taiga Open Source Project Management

CVSS 9 · AI score 7.7 · EPSS 0.01405
Exploits 2 · References 1

OSV
added 2025/10/28 8:8 p.m. · 4 views

CVE-2025-62368 Taiga Authenticated Remote Code Execution

Taiga is an open source project management platform. In versions 6.8.3 and earlier, a remote code execution vulnerability exists in the Taiga API due to unsafe deserialization of untrusted data. This issue is fixed in version 6.9.0...

CVSS 9 · AI score 8.1 · EPSS 0.01405
Exploits 2 · References 3

Vulnrichment
added 2025/10/28 8:6 p.m. · 2 views

CVE-2025-62367 Taiga Blind SQL Injection Time Based

Taiga is an open source project management platform. In versions 6.8.3 and earlier, Taiga API is vulnerable to time-based blind SQL injection allowing sensitive data disclosure via response timing. This issue is fixed in version 6.9.0...

CVSS 4.8 · AI score 7.2 · EPSS 0.00196
Exploits 0 · References 1

OSV
added 2025/10/28 8:6 p.m. · 3 views

CVE-2025-62367 Taiga Blind SQL Injection Time Based

Taiga is an open source project management platform. In versions 6.8.3 and earlier, Taiga API is vulnerable to time-based blind SQL injection allowing sensitive data disclosure via response timing. This issue is fixed in version 6.9.0...

CVSS 4.8 · AI score 7.7 · EPSS 0.00196
Exploits 0 · References 3

RedhatCVE
added 2025/05/23 2:8 a.m. · 9 views

CVE-2023-6837

Multiple WSO2 products have been identified as vulnerable to user impersonation using JIT provisioning. In order for this vulnerability to have any impact on your deployment, the following conditions must be met: An IDP configured for federated authentication and JIT provisioning enabled with...

CVSS 8.5 · AI score 8.4 · EPSS 0.0046
Exploits 0 · References 1

Positive Technologies
added 2022/07/27 12:0 a.m. · 5 views

PT-2022-12936 · Unknown · GoAnywhere MFT

Name of the Vulnerable Software and Affected Versions: GoAnywhere MFT versions prior to 6.8.3 Description: A path traversal issue exists that could allow an external user who self-registers with specific username and/or profile information to access files at a higher directory level than intended...

CVSS 6.5 · AI score 6.4 · EPSS 0.00864
Exploits 0 · References 6

Circl
added 2022/06/08 2:45 p.m. · 7 views

CVE-2022-1683

creationtimestamp | type | source
---|---|---
2022-06-08 14:45:54+00:00 | seen | https://t.me/cibsecurity/44005...

CVSS 8.8 · AI score 8.1 · EPSS 0.0151
Exploits 2 · References 1

CNVD
added 2020/04/17 12:0 a.m. · 2 views

NETGEAR WAC505 and WAC510 Information Disclosure Vulnerability

The NETGEAR WAC505 and NETGEAR WAC510 are both wireless access points (APs) from NETGEAR. An information disclosure vulnerability exists in NETGEAR WAC505 versions prior to V5.6.8.3 and WAC510 versions prior to V5.6.8.3, which can be exploited by an attacker to obtain sensitive information...

CVSS 9.4 · AI score 6.2 · EPSS 0.0113
Exploits 0 · References 1