Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/04/01 5:3 p.m.5 views

CVE-2026-34360

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, the /loadIG HTTP endpoint in the FHIR Validator HTTP service accepts a user-supplied URL via JSON body and makes server-side HTTP requests to it without any hostname,...

5.8CVSS5.8AI score0.00235EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/31 4:56 p.m.2 views

CVE-2026-34359 HAPI FHIR: Authentication Credential Leakage via Improper URL Prefix Matching on HTTP Redirect in HAPI FHIR Core

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, ManagedWebAccessUtils.getServer uses String.startsWith to match request URLs against configured server URLs for authentication credential dispatch. Because configured...

7.4CVSS5.8AI score0.00158EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.12 views

HAPI FHIR 代码问题漏洞

HAPI FHIR is an open-source Java-based HL7 FHIR API developed by HAPI FHIR. Versions of HAPI FHIR prior to 6.9.4 contained code vulnerabilities. These vulnerabilities stemmed from the /loadIG endpoint of the FHIR Validator HTTP service, which did not validate the URL provided by the user,...

5.8CVSS5.9AI score0.00235EPSS
Exploits1References1
Fedora
Fedora
added 2026/03/21 12:16 a.m.9 views

[SECURITY] Fedora 44 Update: wordpress-6.9.4-1.fc44

Wordpress is an online publishing / weblog package that makes it very easy, almost trivial, to get information out to people on the web. Important information in /usr/share/doc/wordpress/README.fedora...

4.3CVSS5.9AI score0.00305EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/20 12:0 a.m.4 views

Fedora 43 : wordpress (2026-5774d46593)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5774d46593 advisory. Upstream announcements: - WordPress 6.9.2 Release - WordPress 6.9.3 and 7.0 beta 4 - WordPress 6.9.4 Release Tenable has extracted the preceding description...

4.3CVSS5.9AI score0.00305EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/20 12:0 a.m.4 views

Fedora 44 : wordpress (2026-bf984d4931)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-bf984d4931 advisory. Upstream announcements: - WordPress 6.9.2 Release - WordPress 6.9.3 and 7.0 beta 4 - WordPress 6.9.4 Release Tenable has extracted the preceding description...

4.3CVSS5.9AI score0.00305EPSS
Exploits0References2
OSV
OSV
added 2021/08/04 11:15 p.m.1 views

CVE-2021-31869

Pimcore AdminBundle version 6.8.0 and earlier suffers from a SQL injection issue in the specificID variable used by the application. This issue was fixed in version 6.9.4 of the product...

7.5CVSS7.4AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2017/04/20 6:59 p.m.4 views

CVE-2016-7540

coders/rgf.c in ImageMagick before 6.9.4-10 allows remote attackers to cause a denial of service assertion failure by converting an image to rgf format...

6.5CVSS5.6AI score0.02771EPSS
Exploits0References7
OSV
OSV
added 2016/12/13 3:59 p.m.4 views

DEBIAN-CVE-2016-5691

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of 1 pixel.red, 2 pixel.green, and 3 pixel.blue...

9.8CVSS9.4AI score0.05445EPSS
Exploits1References1
Rows per page
Query Builder