Total
1058 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-7275 | 1 Optergy | 2 Enterprise, Proton | 2022-10-13 | 5.8 MEDIUM | 6.1 MEDIUM |
| Optergy Proton/Enterprise devices allow Open Redirect. | |||||
| CVE-2019-6741 | 1 Samsung | 2 Galaxy S9, Galaxy S9 Firmware | 2022-10-12 | 5.8 MEDIUM | 9.3 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9 prior to January 2019 Security Update (SMR-JAN-2019 - SVE-2018-13467). User interaction is required to exploit this vulnerability in that the target must connect to a wireless network. The specific flaw exists within the captive portal. By manipulating HTML, an attacker can force a page redirection. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7476. | |||||
| CVE-2022-3438 | 1 Ikus-soft | 1 Rdiffweb | 2022-10-11 | N/A | 6.1 MEDIUM |
| Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. | |||||
| CVE-2022-29170 | 1 Grafana | 1 Grafana | 2022-10-07 | 4.9 MEDIUM | 8.5 HIGH |
| Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesn’t call or only calls specific hosts. The vulnerability present starting with version 7.4.0-beta1 and prior to versions 7.5.16 and 8.5.3 allows someone to bypass these security configurations if a malicious datasource (running on an allowed host) returns an HTTP redirect to a forbidden host. The vulnerability only impacts Grafana Enterprise when the Request security allow list is used and there is a possibility to add a custom datasource to Grafana which returns HTTP redirects. In this scenario, Grafana would blindly follow the redirects and potentially give secure information to the clients. Grafana Cloud is not impacted by this vulnerability. Versions 7.5.16 and 8.5.3 contain a patch for this issue. There are currently no known workarounds. | |||||
| CVE-2020-13565 | 2 Open-emr, Phpgacl Project | 2 Openemr, Phpgacl | 2022-10-07 | 5.8 MEDIUM | 6.1 MEDIUM |
| An open redirect vulnerability exists in the return_page redirection functionality of phpGACL 3.3.7, OpenEMR 5.0.2 and OpenEMR development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). A specially crafted HTTP request can redirect users to an arbitrary URL. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2022-28215 | 1 Sap | 1 Netweaver Abap | 2022-10-06 | 4.3 MEDIUM | 4.7 MEDIUM |
| SAP NetWeaver ABAP Server and ABAP Platform - versions 740, 750, 787, allows an unauthenticated attacker to redirect users to a malicious site due to insufficient URL validation. This could lead to the user being tricked to disclose personal information. | |||||
| CVE-2022-0283 | 1 Gitlab | 1 Gitlab | 2022-10-05 | 5.8 MEDIUM | 6.1 MEDIUM |
| An issue has been discovered affecting GitLab versions prior to 13.5. An open redirect vulnerability was fixed in GitLab integration with Jira that a could cause the web application to redirect the request to the attacker specified URL. | |||||
| CVE-2022-39258 | 1 Mailcow | 1 Mailcow\ | 2022-09-29 | N/A | 8.2 HIGH |
| mailcow is a mailserver suite. A vulnerability innversions prior to 2022-09 allows an attacker to craft a custom Swagger API template to spoof Authorize links. This could redirect a victim to an attacker controller place to steal Swagger authorization credentials or create a phishing page to steal other information. The issue has been fixed with the 2022-09 mailcow Mootember Update. As a workaround, one may delete the Swapper API Documentation from their e-mail server. | |||||
| CVE-2022-31151 | 1 Nodejs | 1 Undici | 2022-09-29 | N/A | 6.5 MEDIUM |
| Authorization headers are cleared on cross-origin redirect. However, cookie headers which are sensitive headers and are official headers found in the spec, remain uncleared. There are active users using cookie headers in undici. This may lead to accidental leakage of cookie to a 3rd-party site or a malicious attacker who can control the redirection target (ie. an open redirector) to leak the cookie to the 3rd party site. This was patched in v5.7.1. By default, this vulnerability is not exploitable. Do not enable redirections, i.e. `maxRedirections: 0` (the default). | |||||
| CVE-2022-31735 | 1 Osstech | 1 Openam | 2022-09-19 | N/A | 6.1 MEDIUM |
| OpenAM Consortium Edition version 14.0.0 provided by OpenAM Consortium contains an open redirect vulnerability (CWE-601). When accessing an affected server through some specially crafted URL, the user may be redirected to an arbitrary website. | |||||
| CVE-2022-39814 | 1 Nokia | 1 1350 Optical Management System | 2022-09-16 | N/A | 6.1 MEDIUM |
| In NOKIA 1350 OMS R14.2, an Open Redirect vulnerability occurs is the login page via next HTTP GET parameter. | |||||
| CVE-2022-25295 | 1 Getgophish | 1 Gophish | 2022-09-15 | N/A | 5.4 MEDIUM |
| This affects the package github.com/gophish/gophish before 0.12.0. The Open Redirect vulnerability exists in the next query parameter. The application uses url.Parse(r.FormValue("next")) to extract path and eventually redirect user to a relative URL, but if next parameter starts with multiple backslashes like \\\\\\example.com, browser will redirect user to http://example.com. | |||||
| CVE-2021-46379 | 1 Dlink | 2 Dir-850l, Dir-850l Firmware | 2022-09-09 | 5.8 MEDIUM | 6.1 MEDIUM |
| DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through URL redirection to untrusted site. | |||||
| CVE-2020-26938 | 1 Oauth2-server Project | 1 Oauth2-server | 2022-09-07 | N/A | 7.2 HIGH |
| In oauth2-server (aka node-oauth2-server) through 3.1.1, the value of the redirect_uri parameter received during the authorization and token request is checked against an incorrect URI pattern ("[a-zA-Z][a-zA-Z0-9+.-]+:") before making a redirection. This allows a malicious client to pass an XSS payload through the redirect_uri parameter while making an authorization request. NOTE: this vulnerability is similar to CVE-2020-7741. | |||||
| CVE-2021-29864 | 1 Ibm | 1 Security Identity Manager | 2022-09-02 | N/A | 6.1 MEDIUM |
| IBM Security Identity Manager 6.0 and 6.0.2 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 206089 | |||||
| CVE-2022-27547 | 1 Hcltech | 2 Domino, Hcl Inotes | 2022-09-01 | N/A | 7.4 HIGH |
| HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use this vulnerability to trick a user into supplying sensitive information such as username, password, credit card number, etc. | |||||
| CVE-2022-28755 | 1 Zoom | 2 Virtual Desktop Infrastructure, Zoom | 2022-08-18 | N/A | 6.1 MEDIUM |
| The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.11.0 are susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading to additional attacks including the potential for remote code execution through launching executables from arbitrary paths. | |||||
| CVE-2022-35953 | 1 Joinbookwyrm | 1 Bookwyrm | 2022-08-16 | N/A | 6.1 MEDIUM |
| BookWyrm is a social network for tracking your reading, talking about books, writing reviews, and discovering what to read next. Some links in BookWyrm may be vulnerable to tabnabbing, a form of phishing that gives attackers an opportunity to redirect a user to a malicious site. The issue was patched in version 0.4.5. | |||||
| CVE-2022-31193 | 1 Duraspace | 1 Dspace | 2022-08-08 | N/A | 6.1 MEDIUM |
| DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI controlled vocabulary servlet is vulnerable to an open redirect attack, where an attacker can craft a malicious URL that looks like a legitimate DSpace/repository URL. When that URL is clicked by the target, it redirects them to a site of the attacker's choice. This issue has been patched in versions 5.11 and 6.4. Users are advised to upgrade. There are no known workaround for this vulnerability. | |||||
| CVE-2020-26275 | 1 Jupyter | 1 Jupyter Server | 2022-08-06 | 5.8 MEDIUM | 6.1 MEDIUM |
| The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. In Jupyter Server before version 1.1.1, an open redirect vulnerability could cause the jupyter server to redirect the browser to a different malicious website. All jupyter servers running without a base_url prefix are technically affected, however, these maliciously crafted links can only be reasonably made for known jupyter server hosts. A link to your jupyter server may *appear* safe, but ultimately redirect to a spoofed server on the public internet. This same vulnerability was patched in upstream notebook v5.7.8. This is fixed in jupyter_server 1.1.1. If upgrade is not available, a workaround can be to run your server on a url prefix: "jupyter server --ServerApp.base_url=/jupyter/". | |||||