Lucene search
K

145 matches found

NVD
NVD
added 2021/02/19 7:15 a.m.20 views

CVE-2020-10252

An issue was discovered in ownCloud before 10.4. Because of an SSRF issue via the apps/filessharing/external remote parameter, an authenticated attacker can interact with local services blindly aka Blind SSRF or conduct a Denial Of Service attack...

8.3CVSS0.01246EPSS
Exploits1References3
OSV
OSV
added 2021/02/19 7:15 a.m.10 views

CVE-2020-10252

An issue was discovered in ownCloud before 10.4. Because of an SSRF issue via the apps/filessharing/external remote parameter, an authenticated attacker can interact with local services blindly aka Blind SSRF or conduct a Denial Of Service attack...

8.3CVSS6.7AI score
Exploits0References3
Prion
Prion
added 2021/02/19 7:15 a.m.15 views

Server side request forgery (ssrf)

An issue was discovered in ownCloud before 10.4. Because of an SSRF issue via the apps/filessharing/external remote parameter, an authenticated attacker can interact with local services blindly aka Blind SSRF or conduct a Denial Of Service attack...

6.5CVSS8AI score0.01246EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2021/02/19 6:12 a.m.21 views

CVE-2020-10252

An issue was discovered in ownCloud before 10.4. Because of an SSRF issue via the apps/filessharing/external remote parameter, an authenticated attacker can interact with local services blindly aka Blind SSRF or conduct a Denial Of Service attack...

8.1AI score0.01246EPSS
Exploits1References3
OSV
OSV
added 2021/01/26 12:0 a.m.8 views

UBUNTU-CVE-2021-23961

Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 85...

7.4CVSS7.2AI score0.01323EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2021/01/26 12:0 a.m.32 views

CVE-2021-23961

Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 85...

7.4CVSS7.3AI score0.01323EPSS
Exploits0References5
OSV
OSV
added 2021/01/07 2:15 p.m.3 views

DEBIAN-CVE-2020-26978

Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR 78.6...

6.1CVSS7.4AI score0.01266EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2021/01/07 1:51 p.m.27 views

CVE-2020-26978

Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR 78.6...

6.1CVSS7.6AI score0.01266EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/12/17 4:21 p.m.3 views

Mozilla: Internal network hosts could have been probed by a malicious webpage

The Mozilla Foundation Security Advisory describes this flaw as: Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine...

6.1CVSS7.4AI score0.01266EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/12/17 3:12 p.m.7 views

Mozilla: Internal network hosts could have been probed by a malicious webpage

The Mozilla Foundation Security Advisory describes this flaw as: Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine...

6.1CVSS7.4AI score0.01266EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2020/12/15 6:32 p.m.30 views

CVE-2020-26978

The Mozilla Foundation Security Advisory describes this flaw as: Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine...

6.1CVSS0.4AI score0.01266EPSS
Exploits0References4
OSV
OSV
added 2020/12/15 12:0 a.m.5 views

UBUNTU-CVE-2020-26978

Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR 78.6...

6.1CVSS7.3AI score0.01266EPSS
Exploits0References6
Kitploit
Kitploit
added 2020/10/04 8:30 p.m.44 views

OFFPORT_KILLER - This Tool Aims At Automating The Identification Of Potential Service Running Behind Ports Identified Manually Either Through Manual Scan Or Services Running Locally

Manual Port Scanning Enumerate Potential Service If you like the tool and for my personal motivation so as to develop other tools please a +1 star INTRO This tool aims at automating the identification of potential service running behind ports identified manually or on services running locally onl...

7.1AI score
Exploits0References1
Prion
Prion
added 2020/06/19 4:15 p.m.17 views

Server side request forgery (ssrf)

An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. SSRF can attack local services...

2.1CVSS5.5AI score0.00306EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinux
added 2020/06/04 9:50 p.m.40 views

CVE-2020-8555

The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery SSRF that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints...

6.3CVSS5.5AI score0.03679EPSS
Exploits0
Hacker One
Hacker One
added 2020/04/30 1:38 p.m.47 views

Concrete CMS: SSRF bypass

This simply describes a bypass for report at https://hackerone.com/reports/243865, using a decimal notation encoded IP address 0177.0.0.1 currently bypasses the limitations in place for localhost. crayons re-submitting report including "magic" string Concrete5 version used is 8.5.2 Impact...

7.5CVSS8.8AI score0.01187EPSS
Exploits0
CNVD
CNVD
added 2020/02/11 12:0 a.m.3 views

Nextcloud server server-side request forgery vulnerability

Nextcloud is a client-server software suite for creating network hard disks. A server-side request forgery vulnerability exists in Nextcloud Server 16.0.1. An attacker could use this vulnerability to detect local and remote services when adding a new subscription in the Calendar application...

5CVSS6.7AI score0.01287EPSS
Exploits1References1
OSV
OSV
added 2020/02/04 8:15 p.m.36 views

CVE-2020-8118

An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application...

5CVSS6.5AI score
Exploits0References4
Prion
Prion
added 2020/02/04 8:15 p.m.25 views

Server side request forgery (ssrf)

An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application...

4CVSS5AI score0.01287EPSS
Exploits1References4Affected Software3
Nextcloud
Nextcloud
added 2019/07/04 12:0 a.m.32 views

Server-Side request forgery in New-Subscription feature of the calendar app (NC-SA-2019-014)

An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application...

4CVSS2.5AI score0.01287EPSS
Exploits1Affected Software1
Rows per page
Query Builder