• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-601

CVE-2021-28861

February 23, 2023 by

** DISPUTED ** Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states “Warning: http.server is not recommended for production. It only implements basic security checks.”

CVE-2021-28125

February 23, 2023 by

Apache Superset up to and including 1.0.1 allowed for the creation of an external URL that could be malicious. By not checking user input for open redirects the URL shortener functionality would allow for a malicious user to create a short URL for a dashboard that could convince the user to click the link.

CVE-2021-27612

February 23, 2023 by

In specific situations SAP GUI for Windows until and including 7.60 PL9, 7.70 PL0, forwards a user to specific malicious website which could contain malware or might lead to phishing attacks to steal credentials of the victim.

CVE-2021-27404

February 23, 2023 by

Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow injection of a Host HTTP header.

CVE-2021-27352

February 23, 2023 by

An open redirect vulnerability in Ilch CMS version 2.1.42 allows attackers to redirect users to an attacker’s site after a successful login.

CVE-2021-25757

February 23, 2023 by

In JetBrains Hub before 2020.1.12629, an open redirect was possible.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 57
  • Go to page 58
  • Go to page 59
  • Go to page 60
  • Go to page 61
  • Interim pages omitted …
  • Go to page 92
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE