
9 matches found

AlpineLinux
added 2025/12/09 12:35 a.m., 2 views

CVE-2025-66490

Traefik is an HTTP reverse proxy and load balancer. For versions prior to 2.11.32 and 2.11.31 through 3.6.2, requests using PathPrefix, Path or PathRegex matchers can bypass path normalization. When Traefik uses path-based routing, requests containing URL-encoded restricted characters /, , Null,...

CVSS 6.9, AI score 5.8, EPSS 0.00018
Exploits: 1, References: 3
Veracode
added 2025/01/17 6:37 a.m., 6 views

Credentials Exposure

github.com/git-lfs/git-lfs is vulnerable to Credential Exposure. The vulnerability is due to improper handling of URL-encoded control characters in Git LFS, which passes portions of a host's URL containing embedded line-ending control characters (e.g., LF or CR) to the git-credential command withou...

CVSS 8.5, AI score 6.7, EPSS 0.00326
Exploits: 0, References: 6, Affected Software: 2
Vulnrichment
added 2024/11/11 10:56 p.m., 8 views

CVE-2024-23983 Access rules for PingAccess may be circumvented with URL-encoded characters

Improper handling of canonical URL-encoding may lead to bypass not properly constrained by request rules...

CVSS 5.8, AI score 7.2, EPSS 0.00112
Exploits: 0, References: 2
CNVD
added 2020/07/03 12:0 a.m., 6 views

Unspecified Vulnerability in Mozilla Firefox (CNVD-2021-18236)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in the handling of URL-encoded characters in versions prior to Mozilla Firefox 78. An attacker could exploit this vulnerability to bypass security restrictions...

CVSS 6.5, AI score 6.4, EPSS 0.00312
Exploits: 0, References: 1
NVD
added 2010/02/17 6:30 p.m., 9 views

CVE-2010-0642

Cisco Collaboration Server (CCS) 5 allows remote attackers to read the source code of JHTML files via URL encoded characters in the filename extension, as demonstrated by (1) changing .jhtml to %2Ejhtml, (2) changing .jhtml to .jhtm%6C, (3) appending %00 after .jhtml, and (4) appending %c0%80 after .jhtml,...

CVSS 5, AI score 6.8, EPSS 0.03023
Exploits: 1, References: 3
Cvelist
added 2010/02/17 6:0 p.m., 15 views

CVE-2010-0642

Cisco Collaboration Server (CCS) 5 allows remote attackers to read the source code of JHTML files via URL encoded characters in the filename extension, as demonstrated by (1) changing .jhtml to %2Ejhtml, (2) changing .jhtml to .jhtm%6C, (3) appending %00 after .jhtml, and (4) appending %c0%80 after .jhtml,...

AI score 6.8, EPSS 0.03023
Exploits: 1, References: 3
Cvelist
added 2005/05/10 4:0 a.m., 14 views

CVE-2004-1961

blocker.php in Protector System 1.15b1 allows remote attackers to bypass SQL injection protection and execute limited SQL commands via URL-encoded "'" characters "%27"...

AI score 8.1, EPSS 0.0029
Exploits: 1, References: 4
Gentoo Linux
added 2005/01/11 12:0 a.m., 30 views

KDE FTP KIOslave: Command injection

Background: KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. KDE provided KIOslaves for many protocols in the kdelibs package, one of them being FTP. These are used by KDE applications such as Konqueror. Description: The FTP KIOslave fails to properly...

CVSS 7.5, AI score 3.7, EPSS 0.14087
Exploits: 0
NVD
added 2002/10/04 4:0 a.m., 9 views

CVE-2002-1133

Encoded directory traversal vulnerability in Dino's web server 2.1 allows remote attackers to read arbitrary files via ".." (dot dot) sequences with URL-encoded (1) "/" (%2f) or (2) "\" (%5c) characters...

CVSS 5, AI score 6.8, EPSS 0.0262
Exploits: 1, References: 4