A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the...

Jul 20, 2022

CVE-2022-26136

CRITICAL

A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps

Jul 20, 2022

Searching...

Filters

12 vulnerabilities found

CVE-2026-39409

MEDIUM

Hono has incorrect IP matching in ipRestriction() for IPv4-mapped IPv6 addresses

Apr 8, 2026

CVE-2026-39364

HIGH

Vite has a `server.fs.deny` bypass with queries

Apr 7, 2026

CVE-2026-34786

MEDIUM

Rack: Rack::Static header_rules bypass via URL-encoded paths

Apr 2, 2026

CVE-2026-34475

MEDIUM

Varnish Cache before 8

Mar 27, 2026

CVE-2026-27590

CRITICAL

Caddy: Unicode case-folding length expansion causes incorrect split_path index (SCRIPT_NAME/PATH_INFO confusion) in FastCGI transport

Feb 24, 2026

CVE-2026-24895

CRITICAL

FrankenPHP affected by Path Confusion via Unicode casing in CGI path splitting allows execution of arbitrary files

Feb 12, 2026

CVE-2025-33194

MEDIUM

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper processing of input data

Nov 25, 2025

CVE-2025-43716

MEDIUM

A directory traversal vulnerability exists in Ivanti LANDesk Management Gateway through 4

Apr 23, 2025

CVE-2025-29787

HIGH

zip Vulnerable to Incorrect Path Canonicalization During Archive Extraction, Leading to Arbitrary File Write

Mar 17, 2025

CVE-2024-28607

LOW

The ip-utils package through 2

Mar 11, 2025

CVE-2022-26137

HIGH

A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the...

Jul 20, 2022

CVE-2022-26136

CRITICAL

A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps

Jul 20, 2022