8 matches found
Access Control Bypass
Overview Affected versions of this package are vulnerable to Access Control Bypass via the handling of the forwarded-proto header when generating public URLs. An attacker can cause the application to generate spoofed canonical URLs by injecting or manipulating the forwarded-proto header value...
SUSE CVE-2026-44249
Netty is a network application framework for development of protocol servers and clients. In netty-handler prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can bypass IPv6 subnet rules due to an incorrect masking operation in IpSubnetFilterRule.compareTo. Valid public IP addresses ca...
UBUNTU-CVE-2026-44249
Netty is a network application framework for development of protocol servers and clients. In netty-handler prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can bypass IPv6 subnet rules due to an incorrect masking operation in IpSubnetFilterRule.compareTo. Valid public IP addresses ca...
CVE-2026-40516
Technical details about CVE-2026-40516 are not publicly available in the provided Connected documents; the description exists but without explicit vendor/product/versions in this set. Monitor for updates.
CVE-2025-8866
YugabyteDB Anywhere web server does not properly enforce authentication for the /metamaster/universe API endpoint. An unauthenticated attacker could exploit this flaw to obtain server networking configuration details, including private and public IP addresses and DNS records...
PT-2024-39308 · Amazon +1 · Aws Alb Route Directive Adapter For Istio +1
Name of the Vulnerable Software and Affected Versions: AWS ALB Route Directive Adapter For Istio affected versions not specified Description: The issue concerns a lack of proper signer and issuer validation in the JWT authentication mechanism used by the AWS ALB Route Directive Adapter For Istio...
The vulnerability of the FortiOS operating systems and the FortiProxy proxy server, related to vulnerabilities in access control, allows attackers to bypass security restrictions.
The vulnerabilities of the FortiOS operating systems and the FortiProxy proxy server for protecting against Internet attacks are related to deficiencies in access control. Exploiting these vulnerabilities allows a malicious actor to circumvent security restrictions by synchronizing publicly...
HUMAX WiFi Router HG-100R DNS Hijacking Vulnerability
The HG-100R is a router. A DNS hijacking vulnerability exists in the HUMAX WiFi Router HG-100R. The vulnerability is caused by first constructing a special request to bypass the authentication of the management console. The vulnerability is due to the router failing to validate the session token...