WWBN AVideo 代码问题漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 26.0 contained code vulnerabilities. These vulnerabilities stemmed from the isSSRFSafeURL function, which allowed bypassing IPv6 addresses using IPv4 mapping. This could lead to...

CVE-2025-24354 imgproxy is vulnerable to SSRF against 0.0.0.0

imgproxy is server for resizing, processing, and converting images. Imgproxy does not block the 0.0.0.0 address, even with IMGPROXYALLOWLOOPBACKSOURCEADDRESSES set to false. This can expose services on the local host. This vulnerability is fixed in 3.27.2...

The vulnerability of the Proxy Auto-Config component in the Firefox browser allows attackers to circumvent existing security restrictions and carry out attacks on services and tools associated with the local host.

The vulnerability of the Proxy Auto-Config component in the Firefox browser is related to the use of open redirection. Exploiting this vulnerability allows a malicious actor to bypass security restrictions during automatic proxy configuration, and to carry out attacks on services connected to the...