281 matches found
EUVD-2024-48780
Malicious code in bioql PyPI...
EUVD-2022-53483
Malicious code in bioql PyPI...
EUVD-2024-1719
Malicious code in bioql PyPI...
Configure the iptables Policies for Loopback Properly
The loopback address 127.0.0.0/8 is a special address on a server. It is irrelevant to NICs and is mainly used for the inter-process communication of a local device. Packets with the source address 127.0.0.0/8 from NICs should be discarded. If policies related to the loopback address are improper...
CVE-2023-7080
The V8 inspector intentionally allows arbitrary code execution within the Workers sandbox for debugging. wrangler dev would previously start an inspector server listening on all network interfaces. This would allow an attacker on the local network to connect to the inspector and run arbitrary cod...
The vulnerability of the AES-128-CCM encryption algorithm in the operating system PAN-OS of network interfaces from Palo Alto Networks, including models PA-7500, PA 5400, PA 5400f, PA 3400, PA 1400, and PA 400, allows attackers to disclose confidential information.
The vulnerability of the AES-128-CCM encryption algorithm in the networking interfaces of the PAN-OS operating system of Palo Alto Networks’ devices such as PA-7500, PA 5400, PA 5400f, PA 3400, PA 1400, and PA 400 relates to the transmission of confidential information in plaintext. Exploiting th...
Configure the nftables Policies for Loopback Properly
The loopback address 127.0.0.0/8 is a special address on a server. It is irrelevant to NICs and is mainly used for the inter-process communication of a local device. Packets with the source address 127.0.0.0/8 from NICs should be discarded. If policies related to the loopback address are improper...
Bind Network Interfaces to the Correct Zones
Different filtering policies can be configured for different firewall zones. If the server network is complex and has multiple interfaces that provide different service functions, it is recommended that interfaces be configured in different zones and different firewall policies be configured. For...
Configuring the SSH Service Port Properly
A server typically has multiple NICs and IP addresses. You need to plan IP addresses to determine which ones are used for services or management. Not all IP addresses need to listen on SSH connections. You can specify only some IP addresses to perform SSH connections to reduce the attack surface...
CVE-2025-24347
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the network configuration file via a crafted HTTP request...
CVE-2025-24349
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated lowprivileged attacker to delete the configuration of physical network interfaces via a crafted HTTP request...
Access Control Bypass
Overview browser-use is a Make websites accessible for AI agents Affected versions of this package are vulnerable to Access Control Bypass via the server's configuration, an attacker can access the debug port, which was inadvertently exposed on all network interfaces. Remediation Upgrade...
CVE-2025-24349
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated lowprivileged attacker to delete the configuration of physical network interfaces via a crafted HTTP request...
CVE-2025-24348
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the wireless network configuration file via a crafted HTTP request...
CVE-2025-24347
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the network configuration file via a crafted HTTP request...
CVE-2025-24349
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated lowprivileged attacker to delete the configuration of physical network interfaces via a crafted HTTP request...
CVE-2025-24349
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated lowprivileged attacker to delete the configuration of physical network interfaces via a crafted HTTP request...
CVE-2025-24349
CVE-2025-24349 affects the web application of ctrlX OS under the Network Interfaces feature. A remote authenticated (low-privilege) attacker can delete the configuration of physical network interfaces by sending a crafted HTTP request. The vulnerability is evidenced across multiple sources (NVD, ...
CVE-2025-24348
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the wireless network configuration file via a crafted HTTP request...
CVE-2025-24348
CVE-2025-24348 affects the web interface of ctrlX OS (Network Interfaces). A remote authenticated, low-privilege attacker can manipulate the wireless network configuration file using a crafted HTTP request. Exploitation status is not detailed in the provided docs; CVSS v3.1 base score is 5.4 (Med...