SUSE CVE-2025-48938

go-gh is a collection of Go modules to make authoring GitHub CLI extensions easier. A security vulnerability has been identified in versions prior to 2.12.1 where an attacker-controlled GitHub Enterprise Server could result in executing arbitrary commands on a user's machine by replacing HTTP URL...

UBUNTU-CVE-2025-48938

go-gh is a collection of Go modules to make authoring GitHub CLI extensions easier. A security vulnerability has been identified in versions prior to 2.12.1 where an attacker-controlled GitHub Enterprise Server could result in executing arbitrary commands on a user's machine by replacing HTTP URL...

SUSE CVE-2024-53263

Git LFS is a Git extension for versioning large files. When Git LFS requests credentials from Git for a remote host, it passes portions of the host's URL to the git-credential1 command without checking for embedded line-ending control characters, and then sends any credentials it receives back fr...

Open Redirect

glewlwyd is vulnerable to open redirection. The vulnerability is due to improper validation of the redirecturi parameter, allowing attackers to redirect users to arbitrary web URLs...

CVE-2023-37624

Netdisco before v2.063000 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links...

CVE-2023-37624

Netdisco before v2.063000 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links...

CVE-2023-37624

Netdisco before v2.063000 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links...

CVE-2023-37624

Netdisco before v2.063000 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links...

CVE-2021-39425

SeedDMS v6.0.15 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links...

Open redirect

SeedDMS v6.0.15 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links...

CVE-2021-39425

SeedDMS v6.0.15 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links...

CVE-2021-39425

SeedDMS v6.0.15 contains an open redirect vulnerability: an attacker can lure a user into clicking a crafted link to redirect to an arbitrary URL. This affects SeedDMS’s web interface and originates from an open redirect in the application flow. The reported impact is user redirection; no exploit...

CVE-2021-39425

SeedDMS v6.0.15 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links...

CVE-2023-28702

ASUS RT-AC86U does not filter special characters for parameters in specific web URLs. A remote attacker with normal user privileges can exploit this vulnerability to perform command injection attack to execute arbitrary system commands, disrupt system or terminate service...

CVE-2023-28702

CVE-2023-28702 affects the ASUS RT-AC86U router. The issue is a command injection flaw caused by failure to filter special characters in parameters of certain web URLs. A remote attacker with normal user privileges could exploit this to execute arbitrary system commands, potentially disrupt the s...

CVE-2022-22749

When scanning QR codes, Firefox for Android would have allowed navigation to some URLs that do not point to web content.This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 96...

CVE-2022-22749

When scanning QR codes, Firefox for Android would have allowed navigation to some URLs that do not point to web content.This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 96...

curl: HTTP proxy double-free

A vulnerability was found in curl. The issue occurs if curl is told to use an HTTP proxy for a transfer with a non-HTTPS URL. It sets up the connection to the remote server by issuing a CONNECT request to the proxy and then tunnels the rest of the protocol through. An HTTP proxy might refuse this...

Backdoor.Win32.Guptachar.20 MVID-2022-0631 Insecure Credential Storage

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/857999d2306f257b80d1b8f6a51ae8b0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Guptachar.20 Vulnerability: Insecure Credential Storage Description: The...

CVE-2021-32504

Unauthenticated users can access sensitive web URLs through GET request, which should be restricted to maintenance users only. A malicious attacker could use this sensitive information’s to launch further attacks on the system...