CVE-2025-25196
CVE-2025-25196 concerns OpenFGA (< v1.8.4; Helm chart < openfga-0.2.22; docker
CVE-2024-21641
Summary: CVE-2024-21641 affects Flarum versions before 1.8.5, where the redirect parameter of the /logout route can be abused to send users from the trusted domain of a Flarum installation to arbitrary links (an open redirect). Impact: Unauthenticated users could be redirected by a trusted Flarum instance; for logged-in use...
CVE-2024-21641 Flarum's Logout Route allows open redirects
Flarum is open source discussion platform software. Prior to version 1.8.5, the Flarum /logout route includes a redirect parameter that allows any third party to redirect users from a trusted domain of the Flarum installation to any link. For logged-in users, the logout must be...
CVE-2022-38537
Archery v1.4.5 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the startfile, endfile, starttime, and stoptime parameters in the binlog2sql interface...
SQL injection
Archery v1.4.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the ThreadIDs parameter in the createkillsession interface...