
19 matches found

Veracode
added 2026/05/16 5:32 a.m. · 9 views

Server-Side Request Forgery

github.com/quantumnous/new-api is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to incomplete SSRF protection that fails to block the unspecified address 0.0.0.0, allowing authenticated users to bypass private-IP filtering and force the server to make requests to...

CVSS 7.1 · AI score 5.8 · EPSS 0.0001
Exploits: 1 · References: 1 · Affected Software: 1
RedhatCVE
added 2026/05/11 8:25 p.m. · 6 views

CVE-2026-42339

New API is a large language model (LLM) gateway and artificial intelligence (AI) asset management system. In versions 0.11.9-alpha.1 and prior, the SSRF protection introduced in v0.9.0.5 (CVE-2025-59146) and hardened in v0.9.6 (CVE-2025-62155) does not block the unspecified address 0.0.0.0. A regular...

CVSS 7.1 · AI score 5.8 · EPSS 0.0001
Exploits: 1 · References: 1
Positive Technologies
added 2026/05/11 12:00 a.m. · 8 views

PT-2026-39677

Summary The programmatic remote project scanning path rewrites attacker-controlled repository URLs using a blind string replacement and then sends the caller's GitHub credentials with the resulting request. This allows an attacker who can influence the scanned repository URL to trigger SSRF and...

CVSS 8.2 · AI score 5.9 · EPSS 0.00039
Exploits: 0 · References: 4
EUVD
added 2026/02/25 10:57 p.m. · 5 views

EUVD-2026-8685

esm.sh has SSRF localhost/private-network bypass in /https module route...

CVSS 8.6 · AI score 8.2 · EPSS 0.00064
Exploits: 1 · References: 5
RedhatCVE
added 2025/05/23 12:04 a.m. · 3 views

CVE-2022-4335

A blind SSRF vulnerability was identified in all versions of GitLab EE prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 which allows an attacker to connect to a local host...

CVSS 4.3 · AI score 6.3 · EPSS 0.00368
Exploits: 1 · References: 1
OSV
added 2025/01/27 8:50 p.m. · 7 views

GHSA-J2HP-6M75-V4J4 imgproxy is vulnerable to SSRF against 0.0.0.0

Summary: imgproxy does not block the 0.0.0.0 address, even with IMGPROXY_ALLOW_LOOPBACK_SOURCE_ADDRESSES set to false. This can expose services on the local host. Details: imgproxy protects against SSRF against a loopback address with the following check (source): if !config.AllowLoopbackSourceAddresses ...

CVSS 5.3 · AI score 5.4 · EPSS 0.02218
Exploits: 0 · References: 4
Veracode
added 2024/09/24 4:59 a.m. · 5 views

Local Host Access Bypass

Directus is vulnerable to a Local Host Access Bypass. The vulnerability is due to improper filtering of loopback addresses, where only 127.0.0.1 is blocked, but other 127.X.X.X addresses can bypass restrictions, allowing an attacker to gain unauthorized access to local services...

CVSS 5 · AI score 6.7 · EPSS 0.00237
Exploits: 0 · References: 6 · Affected Software: 2
CNNVD
added 2023/10/05 12:00 a.m. · 3 views

NI MeasurementLink Python Services Security Vulnerability

NI MeasurementLink Python Services is a Python framework from NI. A security vulnerability exists in NI MeasurementLink Python Services that stems from improper access control. An attacker could exploit the vulnerability to access exposed services on the local host...

CVSS 8.8 · AI score 6.5 · EPSS 0.00113
Exploits: 0 · References: 2
Vulnrichment
added 2023/02/01 12:00 a.m. · 4 views

CVE-2022-37033

In dotCMS 5.x-22.06, TempFileAPI allows a user to create a temporary file based on a passed in URL, while attempting to block any SSRF access to local IP addresses or private subnets. In resolving this URL, the TempFileAPI follows any 302 redirects that the remote URL returns. Because there is no...

AI score 6.4 · EPSS 0.00182
Exploits: 0 · References: 1
CNNVD
added 2022/11/10 12:00 a.m. · 1 view

Istio security vulnerability

Istio is a set of open platforms for connecting, managing and securing microservices. A security vulnerability exists in Istio 1.15.x versions prior to 1.15.3, which stems from the fact that a user with local host access to the Istiod control plane can emulate any workload...

CVSS 7.6 · AI score 6 · EPSS 0.00057
Exploits: 0 · References: 6
Positive Technologies
added 2022/07/26 12:00 a.m. · 1 view

PT-2022-15415 · IBM · IBM Robotic Process Automation

Name of the Vulnerable Software and Affected Versions: IBM Robotic Process Automation versions 21.0.0 through 21.0.2 Description: The issue allows a user with access to the local host client machine to obtain a login access token. Recommendations: For versions 21.0.0 through 21.0.2, at the moment...

CVSS 4.6 · AI score 4.1 · EPSS 0.00085
Exploits: 0 · References: 4
CNVD
added 2018/06/15 12:00 a.m. · 1 view

Elliptic Curve Cryptography library ROHNP vulnerability

Elliptic Curve Cryptography library (aka sunec, libsunec) is an open source elliptic curve cryptography library. A security vulnerability exists in the Elliptic Curve Cryptography library. An attacker can exploit this vulnerability to obtain ECDSA keys by accessing a local device or a different...

CVSS 4.9 · AI score 4.9 · EPSS 0.0008
Exploits: 1 · References: 1
OSV
added 2016/06/14 2:59 p.m. · 2 views

CVE-2016-5338

The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allow local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information transfer buffer...

CVSS 7.8 · AI score 8.6
Exploits: 0 · References: 9
seebug.org
added 2008/05/31 12:00 a.m. · 16 views

CMS from Scratch <= 1.1.3 (image.php) Directory Traversal Vulnerability

No description provided by source. ------------------------------------------------------------------------ CMS from Scratch <= 1.1.3 (image.php) Local Directory Traversal Vulnerability ------------------------------------------------------------------------ author...: Stack mail.....: Wanted wanted...

AI score 7.1
Exploits: 0
RedHat Linux
added 2008/05/19 3:30 p.m. · 3 views

Java-API calls in untrusted Javascript allow network privilege escalation

Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java AP...

CVSS 9.3 · AI score 7.5 · EPSS 0.14426
Exploits: 0 · References: 4
Exploit DB
added 2002/01/03 12:00 a.m. · 21 views

Microsoft Internet Explorer 5 - JavaScript Local File Enumeration (1)

source: https://www.securityfocus.com/bid/3779/info Microsoft Internet Explorer is prone to a vulnerability which may disclose sensitive information to a malicious webmaster. When script code includes a file outside of the document it is embedded in and the file does not exist, the onError event...

AI score 7.4
Exploits: 0
exploitpack
added 1998/06/24 12:00 a.m. · 15 views

textcounter.pl 1.2 - Arbitrary Command Execution

textcounter.pl 1.2 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/2265/info textcounter.pl is distributed through Matt's Scripts archive, and provides added features to httpd servers such as counters, guestbooks, and http cookie management. Due to insufficient checking of...

AI score 0.3
Exploits: 0
Exploit DB
added 1998/06/24 12:00 a.m. · 34 views

textcounter.pl 1.2 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/2265/info textcounter.pl is distributed through Matt's Scripts archive, and provides added features to httpd servers such as counters, guestbooks, and http cookie management. Due to insufficient checking of entered characters, it is possible for a remote...

AI score 7.4
Exploits: 0
Exploit DB
added 1995/02/17 12:00 a.m. · 31 views

NCSA HTTPd 1.x - Remote Buffer Overflow (2)

// source: https://www.securityfocus.com/bid/3158/info NCSA HTTPd is a free, open-source web server for *nix systems. NCSA HTTPd versions 1.3 and earlier are prone to an exploitable buffer overflow in the username field which will allow malicious remote users to execute arbitrary code with the...

AI score 7.4
Exploits: 0