
108 matches found

NVD
added 2026/05/13 4:16 p.m. | 4 views

CVE-2026-40435

When configured, IP-based access restrictions for httpd do not cover all endpoints, which may allow connections from blocked addresses. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

CVSS 6.9 | EPSS 0.00063 | Exploits 0 | References 1
OSV
added 2026/03/18 7:40 p.m. | 1 view

USN-8110-1 libnet-cidr-perl vulnerability

Dave Rolsky discovered that Net-CIDR did not properly sanitize IP addresses. An attacker could possibly use this to bypass IP-based restrictions...

CVSS 6.5 | AI score 5.8 | EPSS 0.00072 | Exploits 0 | References 2
Cvelist
added 2026/02/27 2:9 p.m. | 21 views

CVE-2026-3327 Authenticated DatoCMS Web Previews Plugin Iframe Injection

Authenticated Iframe Injection in Dato CMS Web Previews plugin. This vulnerability permits a malicious authenticated user to circumvent the restriction enforced on the configured frontend URL, enabling the loading of arbitrary external resources or origins. This issue affects Web Previews v1.0.31...

CVSS 4.8 | EPSS 0.00023 | Exploits 0 | References 1
CNNVD
added 2026/02/25 12:0 a.m. | 4 views

Coturn security vulnerability

Coturn is an open-source implementation of TURN (VoIP Media Services NAT Traversal Server and Gateway) and STUN (Simple Transfer of User Datagram Protocol Network Address Translators) Servers. Versions of Coturn prior to 4.9.0 contained security vulnerabilities; these vulnerabilities stemmed fro...

CVSS 7.2 | AI score 7.3 | EPSS 0.00053 | Exploits 1 | References 4
CNNVD
added 2026/01/27 12:0 a.m. | 4 views

Squidex code-related vulnerabilities

Squidex is an open-source content management system developed by Squidex. Versions of Squidex 7.21.0 and earlier had code vulnerabilities. These vulnerabilities stemmed from insufficient validation of URL parameters in Webhook configurations, or lack of restrictions on the target IP address, whic...

CVSS 9.1 | AI score 5.9 | EPSS 0.00119 | Exploits 1 | References 2
EUVD
added 2025/12/10 9:31 p.m. | 1 view

EUVD-2025-202627

A Server-Side Request Forgery (SSRF) vulnerability was discovered in the webpage-to-markdown conversion feature of markdownify-mcp v0.0.2 and before. This vulnerability allows an attacker to bypass private IP restrictions through hostname-based bypass and HTTP redirect chains, enabling access to...

AI score 6.4 | EPSS 0.00059 | Exploits 1 | References 3
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2004-2241

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.00459 | Exploits 0 | References 5
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2011-4513

Malware in sbrugna...

CVSS 5 | AI score 6.1 | EPSS 0.00246 | Exploits 0 | References 6
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2008-4624

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.01465 | Exploits 0 | References 6
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2021-0123

Malware in sbrugna...

CVSS 6.1 | AI score 6.1 | EPSS 0.00322 | Exploits 0 | References 10
EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2013-6059

Malware in sbrugna...

CVSS 6.8 | AI score 6.1 | EPSS 0.01057 | Exploits 0 | References 4
EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2022-25204

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.5 | EPSS 0.00143 | Exploits 0 | References 2
EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2024-47403

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.4 | EPSS 0.00008 | Exploits 0 | References 2
EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2022-25205

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.5 | EPSS 0.00168 | Exploits 0 | References 2
CVE
added 2025/08/13 5:27 p.m. | 28 views

CVE-2025-2498

CVE-2025-2498 concerns GitLab EE with an improper access control that could allow users to view assigned issues from restricted groups by bypassing IP restrictions. Affected versions are GitLab EE 12.0 through prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2. The connected document...

CVSS 4.3 | AI score 7 | EPSS 0.00019 | Exploits 0 | References 2 | Affected Software 1
CNNVD
added 2025/06/12 12:0 a.m. | 1 view

Security vulnerability in multiple GitLab Enterprise Edition products

GitLab Enterprise Edition (EE) is a content management system from GitLab, Inc. in the United States. A security vulnerability exists in GitLab Enterprise Edition versions prior to 17.10.8, prior to 17.11.4, and prior to 18.0.2, which stems from the possibility that a user could bypass IP access...

CVSS 7.5 | AI score 6.2 | EPSS 0.00055 | Exploits 0 | References 3
RedhatCVE
added 2025/05/23 1:43 a.m. | 3 views

CVE-2023-20267

A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability b...

CVSS 5.3 | AI score 6.9 | EPSS 0.00011 | Exploits 0 | References 1
RedhatCVE
added 2025/05/22 11:32 p.m. | 8 views

CVE-2022-1936

Incorrect authorization in GitLab EE affecting all versions from 12.0 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1 allowed an attacker already in possession of a valid Project Deploy Token to misuse it from any location even when IP...

CVSS 6.5 | AI score 6.4 | EPSS 0.00168 | Exploits 0 | References 1
RedhatCVE
added 2025/05/22 10:12 p.m. | 5 views

CVE-2022-1935

Incorrect authorization in GitLab EE affecting all versions from 12.0 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1 allowed an attacker already in possession of a valid Project Trigger Token to misuse it from any location even when I...

CVSS 6.5 | AI score 6.4 | EPSS 0.00143 | Exploits 0 | References 1
OSV
added 2025/05/09 5:15 p.m. | 0 views

UBUNTU-CVE-2025-1278

An issue has been discovered in GitLab CE/EE affecting all versions from 12.0 before 17.9.8, 17.10 before 17.10.6, and 17.11 before 17.11.2. Under certain conditions users could bypass IP access restrictions and view sensitive information...

CVSS 7.5 | AI score 5.7 | EPSS 0.00079 | Exploits 0 | References 2