Vulnerabilities (CVE)

CWE filter: CWE-601

275 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-10955 1 Rockwellautomation 6 Compactlogix 5370 L1 Firmware, Compactlogix 5370 L2 Firmware, Compactlogix 5370 L3 Firmware and 3 more 2019-10-10 5.8
In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers...
CVE-2019-8995 1 Tibco 2 Activematrix Bpm, Silver Fabric Enabler 2019-10-09 5.8
The workspace client, openspace client, and app development client of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, and TIBCO Silver Fabric Enabler for ActiveMatrix BPM contain a...
CVE-2019-6741 2019-10-09 5.8
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9 prior to January 2019 Security Update (SMR-JAN-2019 - SVE-2018-13467). User interaction is required to exploit this...
CVE-2019-5433 1 Revive-adserver 1 Revive Adserver 2019-10-09 5.8
A user having access to the UI of a Revive Adserver instance could be tricked into clicking on a specifically crafted admin account-switch.php URL that would eventually lead them to another (unsafe) domain, potentially used for stealing...
CVE-2019-4538 1 Ibm 1 Security Directory Server 2019-10-09 5.8
IBM Security Directory Server 6.4.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to...
CVE-2019-4201 1 Ibm 1 Jazz For Service Management 2019-10-09 5.8
IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit...
CVE-2019-4166 1 Ibm 1 Storediq 2019-10-09 5.8
IBM StoredIQ 7.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed...
CVE-2019-4153 1 Ibm 1 Security Access Manager 2019-10-09 3.5
IBM Security Access Manager 9.0.1 through 9.0.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this...
CVE-2019-4092 1 Ibm 1 Content Navigator 2019-10-09 5.8
IBM Content Navigator 2.0.3 and 3.0CD could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to...
CVE-2019-3912 2019-10-09 5.8
An open redirect vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 via the /__r1/ returnURL parameter allows an unauthenticated remote attacker to redirect users to arbitrary web sites.
CVE-2019-3850 1 Moodle 1 Moodle 2019-10-09 N/A
A vulnerability was found in Moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. Links within assignment submission comments would open directly (in the same window). Although links themselves may be valid, opening within the same window and...
CVE-2019-3788 1 Cloudfoundry 1 Uaa Release 2019-10-09 5.8
Cloud Foundry UAA Release, versions prior to 71.0, allows clients to be configured with an insecure redirect uri. Given a UAA client was configured with a wildcard in the redirect uri's subdomain, a remote malicious unauthenticated user can craft...
CVE-2019-1954 1 Cisco 1 Webex Meetings Server 2019-10-09 5.8
A vulnerability in the web-based management interface of Cisco Webex Meetings Server Software could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of...
CVE-2019-1943 1 Cisco 57 Sf200-24 Firmware, Sf200-24fp Firmware, Sf200-24p Firmware and 54 more 2019-10-09 5.8
A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Switches software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input...
CVE-2019-13422 1 Search-guard 1 Search Guard 2019-10-09 5.8
Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that allowed an attacker to redirect the user to a potentially malicious site upon Kibana login.
CVE-2019-10372 1 Jenkins 1 Gitlab Oauth 2019-10-09 5.8
An open redirect vulnerability in Jenkins Gitlab Authentication Plugin 1.4 and earlier in GitLabSecurityRealm.java allows attackers to redirect users to a URL outside Jenkins after successful login.
CVE-2019-10133 1 Moodle 1 Moodle 2019-10-09 5.8
A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The form to upload cohorts contained a redirect field, which was not restricted to internal URLs.
CVE-2019-10098 1 Apache 1 Http Server 2019-10-09 5.8
In Apache HTTP Server 2.4.0 to 2.4.39, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.
CVE-2018-8913 2019-10-09 N/A
Missing custom error page vulnerability in Synology Web Station before 2.1.3-0139 allows remote attackers to conduct phishing attacks via a crafted URL.
CVE-2018-7674 1 Netiq 1 Identity Manager 2019-10-09 5.8
The NetIQ Identity Manager user console, in versions prior to 4.7, is susceptible to URL redirection.