CWE-601 vulnerabilities

995 results
CVE-2026-21826 | MEDIUM | HCL Digital Experience and HCL Digital Experience Compose could be susceptible to Host header injection | EPSS 0.1%
CVE-2025-11222 | MEDIUM | Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via s | EPSS 0.1%
CVE-2024-8527 | HIGH | ALC WebCTRL Carrier i-Vu Open Redirect via URL parameter | EPSS 0.1%
CVE-2026-32235 | MEDIUM | @backstage/plugin-auth-backend: OAuth redirect URI allowlist bypass | EPSS 0.1%
CVE-2026-25649 | HIGH | Traccar Vulnerable to Authorization Code Theft via Open Redirect in OIDC Provider Endpoints | EPSS 0.1%
CVE-2026-45037 | HIGH | Tabby: Unsafe protocol handler execution via terminal linkifier allows arbitrary OS protocol invocation | EPSS 0.1%
CVE-2025-27900 | MEDIUM | Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows | EPSS 0.1%
CVE-2026-41844 | MEDIUM | Spring Framework Open Redirect in Spring MVC and WebFlux | EPSS 0.1%
CVE-2025-62690 | LOW | Open redirect in error page when link opened in new tab | EPSS 0.1%
CVE-2024-13983 | MEDIUM | Inappropriate implementation in Lens in Google Chrome on iOS prior to 136.0.7103.59 allowed a remote attacker to perform UI spoofing via a c | EPSS 0.1%
CVE-2025-2068 | MEDIUM | An open redirect vulnerability was reported in the FileZ client that could allow information disclosure if a crafted url is visited by a loc | EPSS 0.1%
CVE-2026-20994 | MEDIUM | URL redirection in Samsung Account prior to version 15.5.01.1 allows local attackers to potentially get access token. | EPSS 0.1%
CVE-2026-34083 | MEDIUM | signalk-server: OAuth Authorization Code Theft via Unvalidated Host Header in OIDC Flow | EPSS 0.1%
CVE-2026-10562 | MEDIUM | Unauthenticated Open Redirect Vulnerability on TP-Link Archer AX20 Web Interface | EPSS
CVE-2026-58450 | MEDIUM | Invoice Ninja 5.13.26 - Open Redirect in Client Portal Login via intended Parameter | EPSS