13 matches found
CVE-2025-14660
A flaw has been found in DecoCMS Mesh up to 1.0.0-alpha.31. Affected by this vulnerability is the function createTool of the file packages/sdk/src/mcp/teams/api.ts of the component Workspace Domain Handler. This manipulation of the argument domain causes improper access controls. The attack can b...
DecoCMS Access Control Error Vulnerability
DecoCMS is an open-source content management system from deco CMS. An access control error vulnerability exists in DecoCMS 1.0.0-alpha.31 and earlier versions. It stems from incorrect manipulation of the parameter domain in the file packages/sdk/src/mcp/teams/api.ts, which could lead to imprope...
EUVD-2025-29071
Malicious code in bioql PyPI...
CVE-2023-26788
Veritas Appliance v4.1.0.1 is affected by Host Header Injection attacks. HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the request to be sent to a completely different Domain/IP address...
China-Linked 'Muddling Meerkat' Hijacks DNS to Map Internet on Global Scale
A previously undocumented cyber threat dubbed Muddling Meerkat has been observed undertaking sophisticated domain name system (DNS) activities in a likely effort to evade security measures and conduct reconnaissance of networks across the world since October 2019. Cloud security firm Infoblox...
curl: Buffer overflow and affected url:-https://github.com/curl/curl/blob/master/docs/examples/hsts-preload.c
Vulnerability description not provided...
CVE-2023-26788
Veritas Appliance v4.1.0.1 is affected by Host Header Injection attacks. HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the request to be sent to a completely different Domain/IP address...
CVE-2020-12408
When browsing a document hosted on an IP address, an attacker could insert certain characters to flip domain and path information in the address bar. This vulnerability affects Firefox 77...
CVE-2020-12408
When browsing a document hosted on an IP address, an attacker could insert certain characters to flip domain and path information in the address bar. This vulnerability affects Firefox 77...
CVE-2014-3613
cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1...
Prestashop 1.5.5 CRLF Injection
Exploit Title: Prestashop v1.5.5 - CRLF Injection Vulnerability Official site: http://www.prestashop.com Official Demo : http://demo-store.prestashop.com/ Risk Level: Medium Exploit Author: Esac Homepage author : www.iss4m.ma Email author : [email protected] Last Checked: 06/09/2013 +----------+ ...
CVE-2007-3550
Microsoft Internet Explorer 6.0 and 7.0 allows remote attackers to fill Zones with arbitrary domains using certain metacharacters such as wildcards via JavaScript, which results in a denial of service (website suppression and resource consumption), aka "Internet Explorer Zone Domain Specification D...
alabanza.txt
Vulnerability: Ability to add/modify domains in name servers of webhosting companies who are reselling for Alabanza. Vendor Contacted: Yes, 09-14-99 - Hole still exists. ========================================================================== Hello everyone, I currently discovered a serious bug...