CVE-2026-42345 FastGPT: Cloud metadata endpoint SSRF protection bypass via port specification, IPv6 mapping, hex/decimal IP encoding, and trailing dot

FastGPT is an AI Agent building platform. In versions 4.14.11 and prior, FastGPT's isInternalAddress function in packages/service/common/system/utils.ts blocks cloud metadata endpoints using a fullUrl.startsWith check against a hardcoded list. This check can be bypassed using at least 7 different...

CVE-2026-41060

WWBN AVideo is an open source video platform. In versions 29.0 and below, the isSSRFSafeURL function in objects/functions.php contains a same-domain shortcircuit lines 4290-4296 that allows any URL whose hostname matches webSiteRootURL to bypass all SSRF protections. Because the check compares on...

CVE-2026-41060

WWBN AVideo is an open source video platform. In versions 29.0 and below, the isSSRFSafeURL function in objects/functions.php contains a same-domain shortcircuit lines 4290-4296 that allows any URL whose hostname matches webSiteRootURL to bypass all SSRF protections. Because the check compares on...

PT-2026-34205

Name of the Vulnerable Software and Affected Versions WWBN AVideo versions 29.0 and earlier Description The isSSRFSafeURL function in objects/functions.php contains a same-domain shortcircuit that allows any URL with a hostname matching webSiteRootURL to bypass Server-Side Request Forgery SSRF...

GHSA-J432-4W3J-3W8J WWBN AVideo has a SSRF via same-domain hostname with alternate port bypasses isSSRFSafeURL

Summary The isSSRFSafeURL function in objects/functions.php contains a same-domain shortcircuit lines 4290-4296 that allows any URL whose hostname matches webSiteRootURL to bypass all SSRF protections. Because the check compares only the hostname and ignores the port, an attacker can reach...

WWBN AVideo has a SSRF via same-domain hostname with alternate port bypasses isSSRFSafeURL

Summary The isSSRFSafeURL function in objects/functions.php contains a same-domain shortcircuit lines 4290-4296 that allows any URL whose hostname matches webSiteRootURL to bypass all SSRF protections. Because the check compares only the hostname and ignores the port, an attacker can reach...

SUSE CVE-2014-8160

net/netfilter/nfconntrackprotogeneric.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with...

Security Vulnerabilities fixed in Firefox ESR 78.10 — Mozilla

A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary cod...

Security Vulnerabilities fixed in Firefox 88 — Mozilla

A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary cod...

SUSE-SU-2020:3670-1 Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-19764 fixes several issues. The following security issues were fixed: - CVE-2020-25668: Fixed a concurrency use-after-free in confontop bsc1178622. - CVE-2020-8694: Fixed an insufficient access control in the Linux kernel driver for some IntelR Processors...

CVE-2018-0163

A vulnerability in the 802.1x multiple-authentication multi-auth feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into the code. An attacker...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4017)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-4017 advisory. - KVM: x86: Add memory barrier on vmcs field lookup Andrew Honig CVE-2017-5753 - KVM: VMX: remove I/O port 0x80 bypass on Intel hosts Andrew Honig Orabug:...

NETGEAR FM114P ProSafe Wireless Router - Rule Bypass

NETGEAR FM114P ProSafe Wireless Router - Rule Bypass source: https://www.securityfocus.com/bid/7270/info The Netgear FM114P allows certain ports to be blocked, both for external users attempting to enter the local network and for local users connecting to the WAN. If Remote Access and Universal...

Check Point VPN-1/FireWall-1 4.1 SP2 - Blocked Port Bypass

/ Summary A vulnerability exists in Check Point VPN-1/FireWall-1 4.1 SP2 that enables an attacker to establish connections to blocked TCP services through the firewall in certain configurations. We expect many deployed FireWall-1 installations to be immune to this attack. But we think that the...