11 matches found
nameConstraints DNS bypass via subject CommonName fallback in public_key hostname verification
...
CVE-2026-34207
TypeBot is a chatbot builder tool. In versions prior to 3.16.0, SSRF protection for Webhook / HTTP Request blocks validates only the URL string, blocked hostname literals, and literal IP formats. It does not resolve DNS before allowing the request. As a result, a hostname such as ssrf-repro.examp...
USN-8283-1: rsync vulnerabilities
Calum Hutton discovered that rsync contained a heap-based out-of-bounds read when handling file transfers. A remote attacker with read access to an rsync server could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 25.1...
CVE-2026-33644
Lychee is a free, open-source photo-management tool. Prior to version 7.5.2, the SSRF protection in PhotoUrlRule.php can be bypassed using DNS rebinding. The IP validation check line 86-89 only activates when the hostname is an IP address. When a domain name is used, filtervar$host,...
Harden-Runner 安全漏洞
Harden-Runner is a program open source by StepSecurity. It provides network exit filtering and runtime security for both GitHub-hosted and self-hosted runners. Harden-Runner versions 2.15.1 and earlier contained security vulnerabilities, which stemmed from an exploit that allowed DNS queries to...
CVE-2025-7395
A certificate verification error in wolfSSL when building with the WOLFSSLSYSCACERTS and WOLFSSLAPPLENATIVECERTVALIDATION options results in the wolfSSL client failing to properly verify the server certificate's domain name, allowing any certificate issued by a trusted CA to be accepted regardles...
CVE-2025-7395 Domain Name Validation Bypass with Apple Native Certificate Validation
A certificate verification error in wolfSSL when building with the WOLFSSLSYSCACERTS and WOLFSSLAPPLENATIVECERTVALIDATION options results in the wolfSSL client failing to properly verify the server certificate's domain name, allowing any certificate issued by a trusted CA to be accepted regardles...
CVE-2025-7395
wolfSSL contains a certificate verification bypass when built with WOLFSSL_SYS_CA_CERTS and WOLFSSL_APPLE_NATIVE_CERT_VALIDATION, causing the client to fail to properly verify the server hostname and accept any certificate issued by a trusted CA. The CVE-2025-7395 entries from NVD, Debian, Alpine...
OESA-2022-2041 curl security update
CURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTPS URL, it sets up the connection to th...
PHP Security Bypass Vulnerability (CNVD-2017-23336)
PHP PHP: HypertextPreprocessor is an open source general-purpose computer scripting language maintained by the PHPGroup and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and program extensions in C and C++. A security vulnerability...
PT-2006-2269 · Glftpd · Glftpd
Name of the Vulnerable Software and Affected Versions: glFTPd versions prior to 2.01 RC5 Description: The issue allows remote attackers to bypass IP checks by using a crafted DNS hostname. This could potentially include a hostname that appears to be an IP address. Recommendations: For versions...