Lucene search

4 matches found

CVE
added 2026/06/10 2:35 p.m., 29 views

CVE-2026-48858

The CVE-2026-48858 entry describes a Server-Side Request Forgery (SSRF) flaw in Erlang/OTP ftp’s PASV path: the ftp_internal PASV handler accepts the server’s 227 response IP and passes it to gen_tcp:connect without validating it against the control connection peer, unlike EPSV handlers. This ena...

CVSS 6.5 | AI score 5.6 | EPSS 0.00234
Exploits 0 | References 6 | Affected Software 3
Vulnrichment
added 2026/05/07 3:0 a.m., 6 views

CVE-2026-41670 Admidio: SAML Response Sent to Unvalidated Assertion Consumer Service URL from AuthnRequest

Admidio is an open-source user management solution. Prior to version 5.0.9, the SAML IdP implementation in Admidio's SSO module uses the AssertionConsumerServiceURL value directly from incoming SAML AuthnRequest messages as the destination for the SAML response, without validating it against the...

CVSS 8.2 | AI score 5.9 | EPSS 0.0028
Exploits 0 | References 2
SUSE CVE
added 2023/02/15 3:54 a.m., 4 views

SUSE CVE-2020-25108

An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The DNS response data length is not checked: it can be set to an arbitrary value from a packet. This may lead to successful Denial-of-Service, and possibly Remote Code Execution...

CVSS 9.8 | AI score 9.3 | EPSS 0.52259
Exploits 0 | References 3
OSV
added 2022/12/04 3:15 a.m., 1 views

DEBIAN-CVE-2022-46391

AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks...

CVSS 6.1 | AI score 6.8 | EPSS 0.00655
Exploits 0 | References 1