Lucene search
K

4 matches found

CVE
CVE
added 2026/07/08 12:3 a.m.15 views

CVE-2026-55430

Coder's workspace app (github.com/coder/coder) prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2 trusts X-Forwarded-Host for routing because no middleware strips it before routing and httpapi.RequestHost() prefers that header over Host. This enables cross-app data access when subdomain (wildca...

6.8CVSS6AI score0.00208EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/07/07 4:41 p.m.8 views

GO-2026-5917 Coder's subdomain workspace app routing trusts unauthenticated X-Forwarded-Host header, enabling cross-app data access in github.com/coder/coder

Coder's subdomain workspace app routing trusts unauthenticated X-Forwarded-Host header, enabling cross-app data access in github.com/coder/coder...

6.8CVSS5.9AI score0.00208EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 6:1 a.m.6 views

CVE-2023-28461

Array Networks Array AG Series and vxAG 9.4.0.481 and earlier allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09...

9.8CVSS8AI score0.67645EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/02/10 12:0 a.m.5 views

Xilinx Zynq-7000 数据伪造问题漏洞

The Xilinx Zynq-7000 is a chip from Xilinx, Inc. The Xilinx Zynq-7000 SoC provides the software programmability of an ARM® architecture processor with the hardware programmability of an FPGA for critical analytics and hardware acceleration while integrating CPU, DSP, ASSP, and hybrid signaling on...

6.8CVSS7AI score0.00186EPSS
Exploits0References3
Rows per page
Query Builder