CVE-2025-58405

The CGM CLININET application does not implement any mechanisms that prevent clickjacking attacks, neither HTTP security headers nor HTML-based frame‑busting protections were detected. As a result, an attacker can embed the application inside a maliciously crafted IFRAME and trick users into...

CVE-2026-1696

Some HTTP security headers are not properly set by the web server when sending responses to the client application...

PT-2026-22128

Name of the Vulnerable Software and Affected Versions Web Server affected versions not specified Description The web server is not properly setting certain HTTP security headers in its responses to client applications. This could potentially expose the system to various attacks. Approximately...

PT-2025-41715

Name of the Vulnerable Software and Affected Versions HCL Unica Platform affected versions not specified Description The HCL Unica Platform is affected by improperly configured security-related HTTP headers. This configuration can result in browsers applying less secure default settings for...

keycloak: security headers missing on REST endpoints

A flaw was found in Keycloak’s Admin Console, where it is missing HTTP security headers in HTTP responses. This issue is not a direct vulnerability and may not lead to a security issue, but increases the chances of allowing attackers to exploit other security flaws. Examples of these possible...

CVE-2019-16515

An issue was discovered in ConnectWise Control formerly known as ScreenConnect 19.3.25270.7185. Certain HTTP security headers are not used...