Other

Express.js Express open redirect | CVE-2024-29041

March 28, 2024

NAME__________Express.js Express open redirectPlatforms Affected:Express.js Express 4.19.1 Express.js Express 5.0.0-alpha.1 Express.js Express 5.0.0-beta.2Risk Level:6.1Exploitability:UnprovenConsequences:Other DESCRIPTION__________Express.js Express could allow a remote...

Peering Manager open redirect | CVE-2024-28113

March 14, 2024

NAME__________Peering Manager open redirectPlatforms Affected:Peering Manager Peering Manager 1.8.1Risk Level:3.5Exploitability:UnprovenConsequences:Other DESCRIPTION__________Peering Manager could allow a remote authenticated attacker to conduct...

Docassemble open redirect | CVE-2024-27291

March 2, 2024

NAME__________Docassemble open redirectPlatforms Affected:Jonathan Pyle Docassemble 1.4.53 Jonathan Pyle Docassemble 1.4.96Risk Level:6.1Exploitability:UnprovenConsequences:Other DESCRIPTION__________Docassemble could allow a remote attacker to conduct...

Hoppscotch open redirect | CVE-2024-27092

February 29, 2024

NAME__________Hoppscotch open redirectPlatforms Affected:Hoppscotch Hoppscotch 2023.12.5Risk Level:5.4Exploitability:UnprovenConsequences:Other DESCRIPTION__________Hoppscotch could allow a remote authenticated attacker to conduct phishing attacks, caused by...

LIVEBOX Collaboration vDesk open redirect | CVE-2022-45169

February 27, 2024

NAME__________LIVEBOX Collaboration vDesk open redirectPlatforms Affected:LIVEBOX Collaboration vDesk 031Risk Level:5.7Exploitability:UnprovenConsequences:Other DESCRIPTION__________LIVEBOX Collaboration vDesk could allow a remote authenticated attacker to...

Liferay Portal and DXP open redirect | CVE-2024-25609

February 22, 2024

NAME__________Liferay Portal and DXP open redirectPlatforms Affected:Risk Level:6.1Exploitability:HighConsequences:Other DESCRIPTION__________Liferay Portal and DXP could allow a remote attacker to conduct phishing...

Liferay Portal and DXP open redirect | CVE-2024-25608

February 22, 2024

a-blog cms open redirect | CVE-2024-25559

February 16, 2024

NAME__________a-blog cms open redirectPlatforms Affected:Appleple a-blog CMS 3.1.0 Appleple a-blog CMS 3.1.8Risk Level:7.4Exploitability:UnprovenConsequences:Other DESCRIPTION__________a-blog cms could allow a remote attacker...

Mercari App for Android URL redirect | CVE-2024-23388

January 25, 2024

NAME__________Mercari App for Android URL redirectPlatforms Affected:Mercari Mercari App for Android 5.77.0Risk Level:3.3Exploitability:UnprovenConsequences:Other DESCRIPTION__________Mercari App for Android could allow a...

Nextcloud User Saml open redirect | CVE-2024-22400

January 24, 2024

NAME__________Nextcloud User Saml open redirectPlatforms Affected:Nextcloud User Saml 5.1.4 Nextcloud User Saml 5.2.4 Nextcloud User Saml 6.0.0 Nextcloud User Saml...

Nextcloud Guests security bypass | CVE-2024-22402

January 24, 2024

NAME__________Nextcloud Guests security bypassPlatforms Affected:Nextcloud Guests 2.4.0 Nextcloud Guests 2.5.0 Nextcloud Guests 3.0.0Risk Level:5.4Exploitability:UnprovenConsequences:Other DESCRIPTION__________Nextcloud Guests could allow a remote...

Nextcloud Guests security bypass | CVE-2024-22401

January 24, 2024

NAME__________Nextcloud Guests security bypassPlatforms Affected:Nextcloud Guests 2.4.0 Nextcloud Guests 2.5.0 Nextcloud Guests 3.0.0Risk Level:4.1Exploitability:UnprovenConsequences:Other DESCRIPTION__________Nextcloud Guests could allow a remote...

CodeAstro Internet Banking System open redirect | CVE-2024-0781

January 24, 2024

NAME__________CodeAstro Internet Banking System open redirectPlatforms Affected:CodeAstro Internet Banking System 1.0Risk Level:6.5Exploitability:UnprovenConsequences:Other DESCRIPTION__________CodeAstro Internet Banking System could allow a remote...

Access analysis CGI An-Analyzer open redirect | CVE-2024-22113

January 23, 2024

NAME__________Access analysis CGI An-Analyzer open redirect Platforms Affected:Access analysis CGI An-Analyzer 2023Risk Level:4.7Exploitability:UnprovenConsequences:Other DESCRIPTION__________Access analysis CGI An-Analyzer could allow a...

X.Org server weak security | CVE-2024-0409

January 19, 2024

NAME__________X.Org server weak securityPlatforms Affected:X.Org Server 21.1.10 X.Org XWayland 23.2.3Risk Level:7.8Exploitability:UnprovenConsequences:Other DESCRIPTION__________X.Org server could provide weaker than expected security, caused...

SAP S/4HANA Finance security bypass | CVE-2024-21736

January 11, 2024

NAME__________SAP S/4HANA Finance security bypassPlatforms Affected:SAP S/4HANA Finance SAPSCORE 128 SAP S/4HANA Finance S4CORE 10Risk Level:6.4Exploitability:UnprovenConsequences:Other DESCRIPTION__________SAP S/4HANA Finance could...

SAP Marketing open redirect | CVE-2024-21734

January 10, 2024

NAME__________SAP Marketing open redirectPlatforms Affected:SAP Marketing 160Risk Level:4.4Exploitability:UnprovenConsequences:Other DESCRIPTION__________SAP Marketing could allow a remote authenticated attacker to conduct phishing attacks,...

SAP S/4HANA Finance security bypass | CVE-2024-21736

January 10, 2024

SAP Microsoft Edge browser extension information disclosure | CVE-2024-22125

January 10, 2024

NAME__________SAP Microsoft Edge browser extension information disclosurePlatforms Affected:SAP Microsoft Edge browser extension 1.0Risk Level:7.4Exploitability:UnprovenConsequences:Other DESCRIPTION__________SAP Microsoft Edge browser extension could...

SAP LT Replication Server privilege escalation | CVE-2024-21735

January 10, 2024

NAME__________SAP LT Replication Server privilege escalationPlatforms Affected:SAP LT Replication Server S4CORE 103 SAP LT Replication Server S4CORE 104 SAP LT...

Keycloak open redirect | CVE-2023-6927

December 20, 2023

NAME__________Keycloak open redirectPlatforms Affected:Keycloak KeycloakRisk Level:4.6Exploitability:UnprovenConsequences:Other DESCRIPTION__________Keycloak could allow a remote authenticated attacker to conduct phishing attacks, caused by an...

Beckhoff authelia-bhf included in TwinCAT/BSD open redirect | CVE-2023-6545

December 19, 2023

NAME__________Beckhoff authelia-bhf included in TwinCAT/BSD open redirectPlatforms Affected:Beckhoffs authelia-bhf 4.37Risk Level:4.3Exploitability:UnprovenConsequences:Other DESCRIPTION__________Beckhoff authelia-bhf included in TwinCAT/BSD could allow a remote...

PRIMX products open redirect | CVE-2023-50440

December 19, 2023

NAME__________PRIMX products open redirectPlatforms Affected:PRIMX ZED! Q.2020.2 PRIMX ZED! Q.2021.1 PRIMX ZONECENTRAL Q.2021.1 PRIMX ZONECENTRAL 2023.4 PRIMX ZEDMAIL 2023.4 PRIMX...

Apache Shiro open redirect | CVE-2023-46750

December 15, 2023

NAME__________Apache Shiro open redirectPlatforms Affected:Apache Shiro 1.12.0 Apache Shiro 2.0.0-alpha-3Risk Level:7.4Exploitability:UnprovenConsequences:Other DESCRIPTION__________Apache Shiro could allow a remote attacker to conduct...

Other

Express.js Express open redirect | CVE-2024-29041

Peering Manager open redirect | CVE-2024-28113

Docassemble open redirect | CVE-2024-27291

Hoppscotch open redirect | CVE-2024-27092

LIVEBOX Collaboration vDesk open redirect | CVE-2022-45169

Liferay Portal and DXP open redirect | CVE-2024-25609

Liferay Portal and DXP open redirect | CVE-2024-25608

a-blog cms open redirect | CVE-2024-25559

Mercari App for Android URL redirect | CVE-2024-23388

Nextcloud User Saml open redirect | CVE-2024-22400

Nextcloud Guests security bypass | CVE-2024-22402

Nextcloud Guests security bypass | CVE-2024-22401

CodeAstro Internet Banking System open redirect | CVE-2024-0781

Access analysis CGI An-Analyzer open redirect | CVE-2024-22113

X.Org server weak security | CVE-2024-0409

SAP S/4HANA Finance security bypass | CVE-2024-21736

SAP Marketing open redirect | CVE-2024-21734

SAP S/4HANA Finance security bypass | CVE-2024-21736

SAP Microsoft Edge browser extension information disclosure | CVE-2024-22125

SAP LT Replication Server privilege escalation | CVE-2024-21735

Keycloak open redirect | CVE-2023-6927

Beckhoff authelia-bhf included in TwinCAT/BSD open redirect | CVE-2023-6545

PRIMX products open redirect | CVE-2023-50440

Apache Shiro open redirect | CVE-2023-46750

CISA: CISA Releases Best Practice Guidance for Mobile Communications

CVE Alert: CVE-2024-37605

CVE Alert: CVE-2024-12179

CVE Alert: CVE-2024-11422

CVE Alert: CVE-2024-12178

You may have missed