Total
1048 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-1058 | 1 Gitea | 1 Gitea | 2024-08-02 | 6.1 Medium |
Open Redirect on login in GitHub repository go-gitea/gitea prior to 1.16.5. | ||||
CVE-2022-0868 | 1 Uri.js Project | 1 Uri.js | 2024-08-02 | 6.1 Medium |
Open Redirect in GitHub repository medialize/uri.js prior to 1.19.10. | ||||
CVE-2022-0869 | 1 Spirit-project | 1 Spirit | 2024-08-02 | 6.1 Medium |
Multiple Open Redirect in GitHub repository nitely/spirit prior to 0.12.3. | ||||
CVE-2022-0692 | 1 Alltube Project | 1 Alltube | 2024-08-02 | 6.1 Medium |
Open Redirect on Rudloff/alltube in Packagist rudloff/alltube prior to 3.0.1. | ||||
CVE-2022-0697 | 1 Archivy Project | 1 Archivy | 2024-08-02 | 6.1 Medium |
Open Redirect in GitHub repository archivy/archivy prior to 1.7.0. | ||||
CVE-2022-0645 | 1 Posthog | 1 Posthog | 2024-08-02 | 6.1 Medium |
Open redirect vulnerability via endpoint authorize_and_redirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1. | ||||
CVE-2022-0637 | 1 Mozilla | 1 Pollbot | 2024-08-02 | 6.1 Medium |
open redirect in pollbot (pollbot.services.mozilla.com) in versions before 1.4.6 | ||||
CVE-2022-0597 | 1 Microweber | 1 Microweber | 2024-08-02 | 6.1 Medium |
Open Redirect in Packagist microweber/microweber prior to 1.2.11. | ||||
CVE-2022-0560 | 1 Microweber | 1 Microweber | 2024-08-02 | 6.1 Medium |
Open Redirect in Packagist microweber/microweber prior to 1.2.11. | ||||
CVE-2022-0283 | 1 Gitlab | 1 Gitlab | 2024-08-02 | 4.7 Medium |
An issue has been discovered affecting GitLab versions prior to 13.5. An open redirect vulnerability was fixed in GitLab integration with Jira that could cause the web application to redirect the request to the attacker-specified URL. | ||||
CVE-2022-0235 | 4 Debian, Node-fetch Project, Redhat and 1 more | 14 Debian Linux, Node-fetch, Acm and 11 more | 2024-08-02 | 6.1 Medium |
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor | ||||
CVE-2022-0165 | 1 King-theme | 1 Kingcomposer | 2024-08-02 | 6.1 Medium |
The Page Builder KingComposer WordPress plugin through 2.9.6 does not validate the id parameter before redirecting the user to it via the kc_get_thumbn AJAX action available to both unauthenticated and authenticated users | ||||
CVE-2022-0122 | 1 Digitalbazaar | 1 Forge | 2024-08-02 | 6.1 Medium |
forge is vulnerable to URL Redirection to Untrusted Site | ||||
CVE-2023-52263 | 1 Brave | 1 Browser | 2024-08-02 | 6.1 Medium |
Brave Browser before 1.59.40 does not properly restrict the schema for WebUI factory and redirect. This is related to browser/brave_content_browser_client.cc and browser/ui/webui/brave_web_ui_controller_factory.cc. | ||||
CVE-2023-50963 | 1 Ibm | 1 Storage Defender Data Protect | 2024-08-02 | 6.5 Medium |
IBM Storage Defender - Data Protect 1.0.0 through 1.4.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 276101. | ||||
CVE-2023-50771 | 1 Jenkins | 1 Openid | 2024-08-02 | 6.1 Medium |
Jenkins OpenId Connect Authentication Plugin 2.6 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks. | ||||
CVE-2023-50345 | 1 Hcltech | 1 Dryice Myxalytics | 2024-08-02 | 3.7 Low |
HCL DRYiCE MyXalytics is impacted by an Open Redirect vulnerability which could allow an attacker to redirect users to malicious sites, potentially leading to phishing attacks or other security threats. | ||||
CVE-2023-50297 | 1 Alfasado | 1 Powercms | 2024-08-02 | 6.1 Medium |
Open redirect vulnerability in PowerCMS (6 Series, 5 Series, and 4 Series) allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL. Note that all versions of PowerCMS 3 Series and earlier which are unsupported (End-of-Life, EOL) are also affected by this vulnerability. | ||||
CVE-2023-49394 | 1 Easycorp | 1 Zentao | 2024-08-02 | 6.1 Medium |
Zentao versions 4.1.3 and before have a URL redirect vulnerability, which prevents the system from functioning properly. | ||||
CVE-2023-49281 | 1 Cainor | 1 Calendarinho | 2024-08-02 | 4.7 Medium |
Calendarinho is an open source calendaring application to manage large teams of consultants. An Open Redirect issue occurs when a web application redirects users to external URLs without proper validation. This can lead to phishing attacks, where users are tricked into visiting malicious sites, potentially leading to information theft and reputational damage to the website used for redirection. The problem has been patched in commit `15b2393`. Users are advised to update to a commit after `15b2393`. There are no known workarounds for this vulnerability. |