24 matches found

Github Security Blog
added 2026/04/24 3:22 p.m., 10 views

Lemmy has SSRF in /api/v3/post via Webmention dispatch

Summary Lemmy allows an authenticated low-privileged user to create a link post through POST /api/v3/post. When a post is created in a public community, the backend asynchronously sends a Webmention to the attacker-controlled link target. The submitted URL is checked for syntax and scheme, but th...

CVSS 6.3, AI score 5.6, EPSS 0.00184
Exploits 0, References 5, Affected Software 1
CVE
added 2025/10/25 3:39 p.m., 14 views

CVE-2025-12217

The CVE-2025-12217 issue concerns the use of a default SNMP community string (public) on Azure Access Technology BLU-IC2 and BLU-IC4. Affected devices are BLU-IC2 and BLU-IC4 with firmware versions up to 1.19.5. The root cause is the default community string, enabling network access without crede...

CVSS 9.1, AI score 6.6, EPSS 0.0027
Exploits 0, References 1, Affected Software 1
Cvelist
added 2025/10/25 3:39 p.m., 15 views

CVE-2025-12217 SNMP Default Community String (public)

SNMP Default Community String public. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...

CVSS 6.9, EPSS 0.0027
Exploits 0, References 1
EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2018-7726

Malware in sbrugna...

CVSS 5.3, AI score 5.3, EPSS 0.01801
Exploits 0, References 4
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-1999-1226

Malware in sbrugna...

CVSS 5, AI score 6.4, EPSS 0.01335
Exploits 0, References 2
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2019-6947

Malware in sbrugna...

CVSS 9.8, AI score 9.5, EPSS 0.0154
Exploits 0, References 2
RedhatCVE
added 2025/05/21 10:40 p.m., 6 views

CVE-2002-2112

RCA Digital Cable Modem DCM225 and DCM225E, and other modems that must conform to the Data-over-Cable Service Interface Specifications DOCSIS standard, uses the "public" community string for SNMP access, which allows remote attackers to read or write MIB information...

CVSS 5, AI score 7.1, EPSS 0.01388
Exploits 0, References 1
RedhatCVE
added 2025/05/21 8:40 p.m., 6 views

CVE-2009-4646

Static code injection vulnerability in the administrative web interface in Accellion Secure File Transfer Appliance allows remote authenticated administrators to inject arbitrary shell commands by appending them to a request to update the SNMP public community string...

CVSS 9, AI score 7.4, EPSS 0.01717
Exploits 1, References 1
Vulnrichment
added 2024/11/07 12:0 a.m., 10 views

CVE-2019-20459

An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. With the SNMPv1 public community, all values can be read, and with the epson community, all the changeable values can be written/updated, as demonstrated by permanently disabling the network card or changing the DNS...

AI score 7, EPSS 0.00257
Exploits 0, References 2
CNNVD
added 2024/11/07 12:0 a.m., 5 views

Epson Express Home XP255 security vulnerability

The Epson Express Home XP255 is a printer from the Japanese company Epson. A security vulnerability exists in the Epson Express Home XP255 version 20.08, which stems from lax management of access rights to the public community for SNMPv1 and the epson community, which allows unauthorized...

CVSS 8.4, AI score 6.5, EPSS 0.00257
Exploits 0, References 2
Japan Vulnerability Notes
added 2024/09/30 3:46 a.m., 2 views

SNMP service is enabled by default in Sharp NEC Display Solutions projectors

Overview: Multiple projectors provided by Sharp NEC Display Solutions, Ltd. are configured with SNMP service enabled by default, therefore can be accessed by specifying SNMP community name "public" (CWE-1242, CVE-2024-7011). SNMP service configuration enable/disable cannot be changed on the manageme...

CVSS 6.5, AI score 6.6, EPSS 0.00306
Exploits 0, References 4
SUSE CVE
added 2023/02/15 4:24 a.m., 1 views

SUSE CVE-2018-15869

An Amazon Web Services AWS developer who does not specify the --owners flag when describing images via AWS CLI, and therefore not properly validating source software per AWS recommended security best practices, may unintentionally load an undesired and potentially malicious Amazon Machine Image A...

CVSS 8.6, AI score 7, EPSS 0.01801
Exploits 0, References 5
UbuntuCve
added 2018/08/25 12:29 a.m., 18 views

CVE-2018-15869

An Amazon Web Services AWS developer who does not specify the --owners flag when describing images via AWS CLI, and therefore not properly validating source software per AWS recommended security best practices, may unintentionally load an undesired and potentially malicious Amazon Machine Image A...

CVSS 5.3, AI score 6.4, EPSS 0.01801
Exploits 0, References 3
Broadcom
added 2017/04/28 12:0 a.m., 9 views

BSA-2017-242

Security Advisory ID: BSA-2017-242 Component: Linksys Revision: 1.0: Interim Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81 Routers, and possibly other products, allow remote attackers to gain sensitive information and cause a denial of service via an SNMP query for the default community strin...

CVSS 6.4, AI score 7.1, EPSS 0.01675
Exploits 0
Tenable Nessus
added 2009/04/23 12:0 a.m., 29 views

Mandriva Linux Security Advisory : net-snmp (MDVSA-2008:225)

A denial of service vulnerability was discovered in how Net-SNMP processed GETBULK requests. A remote attacker with read access to the SNMP server could issue a specially crafted request which would cause snmpd to crash CVE-2008-4309. Please note that for this to be successfully exploited, an...

CVSS 7.5, AI score 6.3, EPSS 0.04926
Exploits 1, References 1
Tenable Nessus
added 2004/08/20 12:0 a.m., 26 views

SNMPv2 Public Community String (deprecated)

Binary data 1345.prm...

AI score 7.3
Exploits 0
Tenable Nessus
added 2004/08/20 12:0 a.m., 108 views

SNMPv1 Public Community String (deprecated)

Binary data 1344.prm...

CVSS 10, AI score 7.3, EPSS 0.50845
Exploits 0, References 3
securityvulns
added 2003/04/01 12:0 a.m., 30 views

D-Link DSL unauthorized access

public and private community are accessible by default. public community leaks account information in cleartext...

AI score 2.8
Exploits 0, References 2
securityvulns
added 2002/10/03 12:0 a.m., 41 views

iDEFENSE Security Advisory 10.02.2002: Net-SNMP DoS Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 10.02.2002: Net-SNMP DoS Vulnerability 20:00 GMT, October 2, 2002 I. BACKGROUND The Net-SNMP package, formerly known as ucd-snmp, is a suite of tools relating to the Simple Network Management Protocol SNMP. It includes an...

CVSS 5, AI score 0.1, EPSS 0.01838
Exploits 0
securityvulns
added 2002/04/25 12:0 a.m., 109 views

IRIX hpsnmpd vulnerability

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: IRIX hpsnmpd vulnerability Number: 20020404-01-P Date: April 24, 2002 Reference: CERT CA-2002-03 Reference: CVE CAN-2002-0012 Reference: CVE CAN-2002-0013 - ----------------------- - --- Issue Specifics --- - ----------------------- ...

CVSS 10, AI score 6.6, EPSS 0.50845
Exploits 0