Browse and filter security vulnerabilities across ecosystems
Authelia has an Edge Case Access Control Rule Mismatch
Authelia Missing Username Canonicalization in Basic Auth (LDAP)
@microsoft/kiota-http-fetchlibrary: Bearer token and Cookie leak across origin on redirect due to case-mismatched scrub in fetchRequestAdapter
Nuxt: Route-rule middleware bypass via case-sensitivity mismatch between vue-router and the routeRules matcher
FrankenPHP: Unsafe Unicode Handling in CGI Path Splitting Allows Execution of Non-PHP Files
TYPO3 CMS - Broken Access Control in Form Framework
HAX CMS PHP Has a Stored XSS via Case-Sensitivity Mismatch in HTML Upload Validation
Potential exposure of private data via case-sensitive Cache-Control directives in UpdateCacheMiddleware
Authorization header leaks to third-party origin on cross-origin redirect in Tesla.Middleware.FollowRedirects
Klaw: user lockout due to case sensitivity inconsistency
Apache Camel: Camel-CXF Message Header Injection via Missing Inbound Filtering
Apache Tomcat: LockOutRealm treats user names as case-sensitive
Heimdall: Case-sensitive host matching may lead to policy bypass
Heimdall: Case-sensitive handling of URL-encoded slashes may lead to inconsistent path interpretation
Gnutls: gnutls: policy bypass due to case-sensitive nameconstraints comparison
Apache Camel JMS, Apache Camel CoAP, Apache Camel Google PubSub: Incomplete fix for CVE-2025-27636 in non-HTTP HeaderFilterStrategies (camel-jms, c...
prompts.chat Identity Confusion via Case-Sensitive Username Handling
OWASP CRS: Whitespace padding in filenames bypasses file upload extension checks
OpenID Connect / OAuth client - Less critical - Access bypass - SA-CONTRIB-2026-027
DataEase is Vulnerable to H2 JDBC RCE Bypass