Lucene search
+L

147 matches found

RedhatCVE
RedhatCVE
added 2025/08/16 1:28 p.m.12 views

CVE-2025-7353

A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow...

9.3CVSS7.6AI score0.0081EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/16 5:30 a.m.17 views

CVE-2025-38501 ksmbd: limit repeated connections from clients with the same IP

In the Linux kernel, the following vulnerability has been resolved: ksmbd: limit repeated connections from clients with the same IP Repeated connections from clients with the same IP address may exhaust the max connections and prevent other normal client connections. This patch limit repeated...

0.02121EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/08/14 1:23 p.m.5 views

CVE-2025-7353 Rockwell Automation ControlLogix® Ethernet Remote Code Execution Vulnerability

A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow...

9.3CVSS7.5AI score0.0081EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/06/17 11:38 p.m.5 views

SUSE CVE-2025-49134

Weblate is a web based localization tool. Prior to version 5.12, the audit log notifications included the full IP address of the acting user. This could be obtained by third-party servers such as SMTP relays, or spam filters. This issue has been patched in version 5.12...

5.3CVSS6.8AI score0.00268EPSS
Exploits0References3
curl security advisories
curl security advisories
added 2025/05/28 8:0 a.m.9 views

QUIC certificate check skip with wolfSSL

libcurl accidentally skips the certificate verification for QUIC connections when connecting to a host specified as an IP address in the URL. Therefore, it does not detect impostors or man-in-the-middle attacks...

6.5CVSS7.1AI score0.00248EPSS
Exploits1References1Affected Software2
RedhatCVE
RedhatCVE
added 2025/05/23 2:54 a.m.5 views

CVE-2023-0347

The Akuvox E11 Media Access Control MAC address, a primary identifier, combined with the Akuvox E11 IP address, could allow an attacker to identify the device on the Akuvox cloud...

7.5CVSS5.5AI score0.00517EPSS
Exploits0References1
OSV
OSV
added 2025/05/07 5:6 p.m.5 views

DRUPAL-CONTRIB-2025-047

The Restrict route by IP module provides an interface to manage route restriction by IP address. The module doesn't sufficiently protect certain routes from CSRF attacks. This vulnerability is mitigated by the fact that you need to know the route machine name...

8.8CVSS6.8AI score0.00171EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/22 12:0 a.m.10 views

The vulnerability of the IP address verification mechanism in the Brocade Fabric OS operating system allows a hacker to execute arbitrary code with root privileges.

The vulnerability of the IP address verification mechanism in the Brocade Fabric OS operating system is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with root privileges...

8CVSS8.6AI score0.00751EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2025/04/01 9:30 a.m.1 views

Private Data Structure Returned From A Public Method

Overview Affected versions of this package are vulnerable to Private Data Structure Returned From A Public Method. When a user accesses an externally referenced image, the provider of the image may obtain private information about the IP address of that accessing user. Remediation Upgrade...

6.5CVSS6.7AI score0.00872EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.5 views

Apache Answer 安全漏洞

Apache Answer is a community platform of the Apache USA Foundation. An information disclosure vulnerability exists in Apache Answer 1.4.2 and earlier versions, which stems from a public method returning a private data structure, and can be exploited by an attacker to cause IP address disclosure...

6.5CVSS6.2AI score0.00872EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/02/25 12:0 a.m.4 views

Contec Health CMS8000 Patient Monitor 安全漏洞

The Contec Health CMS8000 Patient Monitor is a vital signs patient monitor from Contec Japan. A security vulnerability exists in the Contec Health CMS8000 Patient Monitor that stems from an update binary that attempts to install to a hard-coded routable IP address, thereby bypassing existing devi...

7.7CVSS6.7AI score0.00446EPSS
Exploits0References3
OSV
OSV
added 2025/01/30 12:15 p.m.5 views

CVE-2025-0743

An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to leverage the endpoint "/embedai/visits/show/" to obtain information about the visits made by other users. The information provided by this endpoint includes IP...

4.3CVSS5.7AI score0.00331EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/12 12:0 a.m.3 views

Apple iOS和iPadOS 安全漏洞

Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in Apple iOS prior to 18.2 and iPadOS prior to 18.2, which stems from the fac...

5.3CVSS7.3AI score0.01155EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/11/25 12:0 a.m.5 views

The vulnerability of the “Allow Direct Connections” function in remote access and management software like AnyDesk allows a hacker to disclose protected information about the target system’s IP address.

The vulnerability of the “Allow Direct Connections” function in the remote access and management software AnyDesk is related to insufficient protection of registration data. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information about the target system’s IP...

7.8CVSS5.5AI score0.01178EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/19 12:0 a.m.7 views

PT-2024-34316 · Unknown · Show Visitor Ip Address

Name of the Vulnerable Software and Affected Versions: Show Visitor IP Address versions 0.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting XSS. This means an attacker can inject malicious...

6.5CVSS6.3AI score0.00361EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.13 views

The vulnerability of the Orchid Platform, related to the use of dangerous methods or functions, allows a hacker to obtain the server’s IP address.

The vulnerability of the Orchid Platform is related to the use of dangerous methods or functions. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain the server’s IP address through a brute-force attack...

4.1CVSS5.4AI score0.00322EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/13 12:0 a.m.4 views

PT-2024-7691 · Haproxy +2 · Haproxy +2

Name of the Vulnerable Software and Affected Versions: HAProxy versions 2.9.x through 2.9.10 HAProxy versions 3.0.x through 3.0.4 HAProxy versions 3.1.x through 3.1-dev6 Description: The issue allows an attacker to open a 0-RTT session with a spoofed IP address, bypassing the IP allow/block list...

5.3CVSS7AI score0.00502EPSS
Exploits0References26
RedHat Linux
RedHat Linux
added 2024/10/02 12:41 a.m.2 views

kernel: netfilter: tproxy: bail out if IP has been disabled on the device

In the Linux kernel, the following vulnerability has been resolved: netfilter: tproxy: bail out if IP has been disabled on the device syzbot reports: general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 1 PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range...

5.5CVSS6.3AI score0.00258EPSS
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/10/01 11:25 a.m.5 views

Malicious code in google-play-store (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b0f8bc12f61546bde84dd1d7a64519fcdc55ce875b71f3d8d848d2d5daa2248d This is a copy of https://pypi.org/project/play-scraper/ with added a very questionable "telemetry": in scraper.py, L90 sends the user hostname, IP and the exa...

6.8AI score
Exploits0References1
OSV
OSV
added 2024/09/26 6:11 p.m.7 views

CLSA-2024-1727374287 python3.9: Fix of CVE-2024-4032

CVE-2024-4032: fix missing and incorrect ip address ranges in privatenetwork variables...

7.5CVSS6.8AI score0.01034EPSS
Exploits0References1
Rows per page
Query Builder