Lucene search
+L

32 matches found

CVE
CVE
added 2021/09/08 1:41 p.m.274 views

CVE-2021-30720

CVE-2021-30720 is a logic issue in WebKit-based components (notably WebKitGTK/WebKit) that could allow a malicious website to access restricted ports on arbitrary servers. The vulnerability is fixed in Apple platforms as of tvOS 14.6, iOS 14.6, iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, and ...

5.8CVSS5.7AI score0.01279EPSS
Exploits0References5Affected Software6
Debian CVE
Debian CVE
added 2021/04/02 6:4 p.m.37 views

CVE-2021-1799

A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able to access...

6.5CVSS4.3AI score0.01771EPSS
Exploits0
Cvelist
Cvelist
added 2021/04/02 6:4 p.m.27 views

CVE-2021-1799

A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able to access...

7AI score0.01771EPSS
Exploits0References8
Veracode
Veracode
added 2021/03/30 9:43 p.m.26 views

Port Redirection

webkit2gtk is vulnerable to port redirection. A malicious website may be able to access restricted ports on arbitrary servers...

6.5CVSS3.8AI score0.01771EPSS
Exploits0References12Affected Software17
UbuntuCve
UbuntuCve
added 2021/03/24 12:0 a.m.32 views

CVE-2021-1799

A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able to access...

6.5CVSS6.9AI score0.01771EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2019/09/16 5:15 p.m.23 views

CVE-2019-15726

An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1. Embedded images and media files in markdown could be pointed to an arbitrary server, which would reveal the IP address of clients requesting the file from that server...

5.3CVSS6.1AI score0.01653EPSS
Exploits0References2
OSV
OSV
added 2019/09/16 5:15 p.m.5 views

UBUNTU-CVE-2019-15726

An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1. Embedded images and media files in markdown could be pointed to an arbitrary server, which would reveal the IP address of clients requesting the file from that server...

5.3CVSS6.1AI score0.01653EPSS
Exploits0References3
exploitpack
exploitpack
added 2015/10/30 12:0 a.m.17 views

PHP Server Monitor 3.1.1 - Multiple Cross-Site Request Forgery Vulnerabilities

PHP Server Monitor 3.1.1 - Multiple Cross-Site Request Forgery Vulnerabilities + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-PHPSRVMONITOR-CSRF.txt Vendor: ================================ www.phpservermonitor.org...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2015/10/30 12:0 a.m.26 views

PHP Server Monitor 3.1.1 - Multiple Cross-Site Request Forgery Vulnerabilities

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-PHPSRVMONITOR-CSRF.txt Vendor: ================================ www.phpservermonitor.org...

7.4AI score
Exploits0
NVD
NVD
added 2014/12/01 3:59 p.m.18 views

CVE-2014-5237

Server-side request forgery SSRF vulnerability in the documentconverter component in Open-Xchange OX AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allows remote attackers to trigger requests to arbitrary servers and embed arbitrary images via a URL in an embedded image in a Text...

4.3CVSS6.7AI score0.02357EPSS
Exploits1References3
Prion
Prion
added 2014/12/01 3:59 p.m.17 views

Server side request forgery (ssrf)

Server-side request forgery SSRF vulnerability in the documentconverter component in Open-Xchange OX AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allows remote attackers to trigger requests to arbitrary servers and embed arbitrary images via a URL in an embedded image in a Text...

4.3CVSS7.3AI score0.02357EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2009/08/27 5:30 p.m.39 views

CVE-2009-2973

Google Chrome before 2.0.172.43 does not prevent SSL connections to a site with an X.509 certificate signed with the 1 MD2 or 2 MD4 algorithm, which makes it easier for man-in-the-middle attackers to spoof arbitrary HTTPS servers via a crafted certificate, a related issue to CVE-2009-2409...

6.4CVSS5.7AI score0.00932EPSS
Exploits0References5
Rows per page
Query Builder