Total
1050 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-4000 | 1 Showdoc | 1 Showdoc | 2024-08-03 | 6.1 Medium |
| showdoc is vulnerable to URL Redirection to Untrusted Site | ||||
| CVE-2021-3989 | 1 Showdoc | 1 Showdoc | 2024-08-03 | 6.1 Medium |
| showdoc is vulnerable to URL Redirection to Untrusted Site | ||||
| CVE-2021-3851 | 1 Firefly-iii | 1 Firefly Iii | 2024-08-03 | 5.4 Medium |
| firefly-iii is vulnerable to URL Redirection to Untrusted Site | ||||
| CVE-2021-3829 | 1 Openwhyd | 1 Openwhyd | 2024-08-03 | 6.1 Medium |
| openwhyd is vulnerable to URL Redirection to Untrusted Site | ||||
| CVE-2021-3647 | 1 Uri.js Project | 1 Uri.js | 2024-08-03 | 6.1 Medium |
| URI.js is vulnerable to URL Redirection to Untrusted Site | ||||
| CVE-2021-3654 | 2 Openstack, Redhat | 3 Nova, Openstack, Openstack Platform | 2024-08-03 | 6.1 Medium |
| A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL. | ||||
| CVE-2021-3664 | 1 Url-parse Project | 1 Url-parse | 2024-08-03 | 5.3 Medium |
| url-parse is vulnerable to URL Redirection to Untrusted Site | ||||
| CVE-2021-3639 | 2 Redhat, Uninett | 2 Enterprise Linux, Mod Auth Mellon | 2024-08-03 | 6.1 Medium |
| A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest threat from this liability is to confidentiality and integrity. | ||||
| CVE-2021-3189 | 1 Google | 1 Slashify | 2024-08-03 | 6.1 Medium |
| The slashify package 1.0.0 for Node.js allows open-redirect attacks, as demonstrated by a localhost:3000///example.com/ substring. | ||||
| CVE-2021-1629 | 3 Linux, Microsoft, Tableau | 3 Linux Kernel, Windows, Tableau Server | 2024-08-03 | 6.1 Medium |
| Tableau Server fails to validate certain URLs that are embedded in emails sent to Tableau Server users. | ||||
| CVE-2022-48358 | 1 Huawei | 2 Emui, Harmonyos | 2024-08-03 | 7.4 High |
| The BatteryHealthActivity has a redirection vulnerability. Successful exploitation of this vulnerability by a malicious app can cause service exceptions. | ||||
| CVE-2022-47500 | 1 Apache | 1 Helix | 2024-08-03 | 6.1 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache Software Foundation Apache Helix UI component.This issue affects Apache Helix all releases from 0.8.0 to 1.0.4. Solution: removed the the forward component since it was improper designed for UI embedding. User please upgrade to 1.1.0 to fix this issue. | ||||
| CVE-2022-46886 | 1 Servicenow | 1 Servicenow | 2024-08-03 | 5.5 Medium |
| There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain. | ||||
| CVE-2022-46784 | 1 Squaredup | 1 Dashboard Server | 2024-08-03 | 6.1 Medium |
| SquaredUp Dashboard Server SCOM edition before 5.7.1 GA allows open redirection. (The issue was originally found in 5.5.1 GA.) | ||||
| CVE-2022-46683 | 1 Jenkins | 1 Google Login | 2024-08-03 | 6.1 Medium |
| Jenkins Google Login Plugin 1.4 through 1.6 (both inclusive) improperly determines that a redirect URL after login is legitimately pointing to Jenkins. | ||||
| CVE-2022-46407 | 1 Ericsson | 1 Network Manager | 2024-08-03 | 4.8 Medium |
| Ericsson Network Manager (ENM), versions prior to 22.2, contains a vulnerability in the REST endpoint “editprofile” where Open Redirect HTTP Header Injection can lead to redirection of the submitted request to domain out of control of ENM deployment. The attacker would need admin/elevated access to exploit the vulnerability | ||||
| CVE-2022-46288 | 1 Jacic | 1 Electronic Bidding Core System | 2024-08-03 | 6.1 Medium |
| Open redirect vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL. | ||||
| CVE-2022-45917 | 1 Ilias | 1 Ilias | 2024-08-03 | 6.1 Medium |
| ILIAS before 7.16 has an Open Redirect. | ||||
| CVE-2022-45582 | 1 Openstack | 1 Horizon | 2024-08-03 | 6.1 Medium |
| Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the success_url parameter. | ||||
| CVE-2022-45402 | 1 Apache | 1 Airflow | 2024-08-03 | 6.1 Medium |
| In Apache Airflow versions prior to 2.4.3, there was an open redirect in the webserver's `/login` endpoint. | ||||