Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-18267

Malware in sbrugna...

6.1CVSS6.3AI score0.00632EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/10/27 12:0 a.m.13 views

EulerOS Virtualization 2.12.0 : wget (EulerOS-SA-2024-2780)

According to the versions of the wget package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior ...

9.1CVSS7AI score0.00672EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.23 views

RHEL 7 : lynx (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - lynx: Invalid URL parsing of pages containing '?' CVE-2016-9179 - lynx: Use after free in...

8AI score0.04455EPSS
Exploits0References3
NVD
NVD
added 2021/08/24 9:15 p.m.16 views

CVE-2021-32779

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions envoy incorrectly handled a URI 'fragment' element as part of the path element. Envoy is configured with an RBAC filter for authorization or similar mechanism with...

8.6CVSS0.00948EPSS
Exploits0References2
OSV
OSV
added 2021/08/24 9:15 p.m.18 views

CVE-2021-32779

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions envoy incorrectly handled a URI 'fragment' element as part of the path element. Envoy is configured with an RBAC filter for authorization or similar mechanism with...

8.3CVSS8.7AI score
Exploits0References2
Huntr
Huntr
added 2021/07/06 8:6 a.m.6 views

Open Redirect in medialize/uri.js

✍️ Description urijs mishandles certain uses of backslash such as https:/\ and interprets the URI as a relative path. Browsers accept backslashes after the protocol, and treat it as a normal slash, while url-parse sees it as a relative path. 🕵️‍♂️ Proof of Concept 1. Create the following PoC file:...

5.8CVSS0.02483EPSS
Exploits2References1
OSV
OSV
added 2021/02/22 12:15 a.m.28 views

CVE-2021-27515

url-parse before 1.5.0 mishandles certain uses of backslash such as http:/ and interprets the URI as a relative path...

5.3CVSS6.7AI score0.01964EPSS
Exploits1References5
Zero Day Initiative
Zero Day Initiative
added 2019/01/25 12:0 a.m.34 views

Cisco Webex Teams Cisco Spark URI Handler Remote Command Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webex Cisco Spark. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. There is an issue with the way the product handles URIs within...

8.8CVSS3.7AI score0.46891EPSS
Exploits3References1
NVD
NVD
added 2018/09/14 7:29 a.m.15 views

CVE-2018-17039

MiniCMS 1.10, when Internet Explorer is used, allows XSS via a crafted URI because $SERVER'REQUESTURI' is mishandled...

6.1CVSS5.9AI score0.00865EPSS
Exploits1References1
NVD
NVD
added 2018/04/22 3:29 p.m.21 views

CVE-2018-10297

Discuz! DiscuzX through X3.4 has stored XSS via the portal.php?mod=portalcp&ac=article URI, related to mishandling of IMG elements associated with remote images...

5.4CVSS5.3AI score0.00531EPSS
Exploits1References1
Rows per page
Query Builder