Total
1050 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-5965 | 1 Joruri | 1 Joruri Mail | 2024-08-04 | N/A |
| Open redirect vulnerability in Joruri Mail 2.1.4 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||
| CVE-2019-5969 | 1 Weseek | 1 Growi | 2024-08-04 | N/A |
| Open redirect vulnerability in GROWI v3.4.6 and earlier allows remote attackersto redirect users to arbitrary web sites and conduct phishing attacks via the process of login. | ||||
| CVE-2019-5946 | 1 Cybozu | 1 Garoon | 2024-08-04 | N/A |
| Open redirect vulnerability in Cybozu Garoon 4.2.4 to 4.10.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the Login Screen. | ||||
| CVE-2019-5823 | 5 Debian, Fedoraproject, Google and 2 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-08-04 | 5.4 Medium |
| Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | ||||
| CVE-2019-5915 | 1 Osstech | 1 Openam | 2024-08-04 | N/A |
| Open redirect vulnerability in OpenAM (Open Source Edition) 13.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page. | ||||
| CVE-2019-5433 | 1 Revive-adserver | 1 Revive Adserver | 2024-08-04 | N/A |
| A user having access to the UI of a Revive Adserver instance could be tricked into clicking on a specifically crafted admin account-switch.php URL that would eventually lead them to another (unsafe) domain, potentially used for stealing credentials or other phishing attacks. This vulnerability was addressed in version 4.2.0. | ||||
| CVE-2019-4209 | 1 Hcltech | 1 Connections | 2024-08-04 | 6.1 Medium |
| HCL Connections v5.5, v6.0, and v6.5 contains an open redirect vulnerability which could be exploited by an attacker to conduct phishing attacks. | ||||
| CVE-2019-3877 | 4 Canonical, Fedoraproject, Mod Auth Mellon Project and 1 more | 4 Ubuntu Linux, Fedora, Mod Auth Mellon and 1 more | 2024-08-04 | N/A |
| A vulnerability was found in mod_auth_mellon before v0.14.2. An open redirect in the logout URL allows requests with backslashes to pass through by assuming that it is a relative URL, while the browsers silently convert backslash characters into forward slashes treating them as an absolute URL. This mismatch allows an attacker to bypass the redirect URL validation logic in apr_uri_parse function. | ||||
| CVE-2019-3850 | 1 Moodle | 1 Moodle | 2024-08-04 | N/A |
| A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. Links within assignment submission comments would open directly (in the same window). Although links themselves may be valid, opening within the same window and without the no-referrer header policy made them more susceptible to exploits. | ||||
| CVE-2019-3477 | 1 Microfocus | 1 Solutions Business Manager | 2024-08-04 | N/A |
| Micro Focus Solution Business Manager versions prior to 11.4.2 is susceptible to open redirect. | ||||
| CVE-2019-1486 | 1 Microsoft | 2 Visual Studio 2019, Visual Studio Live Share | 2024-08-04 | 6.1 Medium |
| A spoofing vulnerability exists in Visual Studio Live Share when a guest connected to a Live Share session is redirected to an arbitrary URL specified by the session host, aka 'Visual Studio Live Share Spoofing Vulnerability'. | ||||
| CVE-2019-1075 | 1 Microsoft | 1 Asp.net Core | 2024-08-04 | N/A |
| A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect, aka 'ASP.NET Core Spoofing Vulnerability'. | ||||
| CVE-2019-0540 | 1 Microsoft | 5 Excel Viewer, Office, Office 365 Proplus and 2 more | 2024-08-04 | N/A |
| A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials, aka 'Microsoft Office Security Feature Bypass Vulnerability'. | ||||
| CVE-2020-36664 | 1 Seotool Project | 1 Seotool | 2024-08-04 | 5.5 Medium |
| A vulnerability has been found in Artesãos SEOTools up to 0.17.1 and classified as problematic. This vulnerability affects the function setTitle of the file SEOMeta.php. The manipulation of the argument title leads to open redirect. Upgrading to version 0.17.2 is able to address this issue. The name of the patch is ca27cd0edf917e0bc805227013859b8b5a1f01fb. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-222232. | ||||
| CVE-2020-36627 | 1 Go-macaron | 1 I18n | 2024-08-04 | 5.5 Medium |
| A vulnerability was found in Macaron i18n. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file i18n.go. The manipulation leads to open redirect. The attack can be launched remotely. Upgrading to version 0.5.0 is able to address this issue. The name of the patch is 329b0c4844cc16a5a253c011b55180598e707735. It is recommended to upgrade the affected component. The identifier VDB-216745 was assigned to this vulnerability. | ||||
| CVE-2020-36665 | 1 Seotool Project | 1 Seotool | 2024-08-04 | 5.5 Medium |
| A vulnerability was found in Artesãos SEOTools up to 0.17.1 and classified as critical. This issue affects the function eachValue of the file TwitterCards.php. The manipulation of the argument value leads to open redirect. Upgrading to version 0.17.2 is able to address this issue. The identifier of the patch is ca27cd0edf917e0bc805227013859b8b5a1f01fb. It is recommended to upgrade the affected component. The identifier VDB-222233 was assigned to this vulnerability. | ||||
| CVE-2020-36663 | 1 Seotool Project | 1 Seotool | 2024-08-04 | 5.5 Medium |
| A vulnerability, which was classified as problematic, was found in Artesãos SEOTools up to 0.17.1. This affects the function makeTag of the file OpenGraph.php. The manipulation of the argument value leads to open redirect. Upgrading to version 0.17.2 is able to address this issue. The patch is named ca27cd0edf917e0bc805227013859b8b5a1f01fb. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-222231. | ||||
| CVE-2020-36365 | 1 Smartstore | 1 Smartstorenet | 2024-08-04 | 6.1 Medium |
| Smartstore (aka SmartStoreNET) before 4.1.0 allows CommonController.ClearCache, ClearDatabaseCache, RestartApplication, and ScheduleTaskController.Edit open redirect. | ||||
| CVE-2020-35678 | 2 Crossbar, Redhat | 3 Autobahn, Ansible Automation Platform, Ansible Tower | 2024-08-04 | 6.1 Medium |
| Autobahn|Python before 20.12.3 allows redirect header injection. | ||||
| CVE-2020-35560 | 1 Mbconnectline | 2 Mbconnect24, Mymbconnect24 | 2024-08-04 | 6.1 Medium |
| An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an unauthenticated open redirect in the redirect.php. | ||||