Lucene search
K

13 matches found

Nuclei
Nuclei
added yesterday86 views

Imgproxy < 3.27.2 - Server-Side Request Forgery (SSRF)

imgproxy contains an issue caused by not blocking the 0.0.0.0 address even when IMGPROXYALLOWLOOPBACKSOURCEADDRESSES is set to false, letting local services be exposed, exploit requires network access. id: CVE-2025-24354 info: name: Imgproxy 3.27.2 - Server-Side Request Forgery SSRF author:...

5.3CVSS6.9AI score0.00844EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/02/05 2:53 p.m.6 views

io.quarkus/quarkus-rest: Quarkus REST Worker Thread Exhaustion Vulnerability

A flaw was found in the Quarkus REST HTTP layer. This vulnerability allows remote attackers to cause an application level denial of service by repeatedly dropping client connections while response chunks are being transmitted, leading to worker thread exhaustion...

7.5CVSS5.8AI score0.00349EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEV
added 2025/11/27 12:0 a.m.5 views

VulnCheck KEV: CVE-2025-24354

imgproxy is server for resizing, processing, and converting images. Imgproxy does not block the 0.0.0.0 address, even with IMGPROXYALLOWLOOPBACKSOURCEADDRESSES set to false. This can expose services on the local host. This vulnerability is fixed in 3.27.2...

5.3CVSS5.8AI score0.00844EPSS
In wildExploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-0172

Malicious code in bioql PyPI...

5.3CVSS6.8AI score0.00844EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 11:40 a.m.6 views

CVE-2025-24354

imgproxy is server for resizing, processing, and converting images. Imgproxy does not block the 0.0.0.0 address, even with IMGPROXYALLOWLOOPBACKSOURCEADDRESSES set to false. This can expose services on the local host. This vulnerability is fixed in 3.27.2...

5.3CVSS6.5AI score0.00844EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/01/30 3:47 a.m.3 views

SUSE CVE-2025-24354

imgproxy is server for resizing, processing, and converting images. Imgproxy does not block the 0.0.0.0 address, even with IMGPROXYALLOWLOOPBACKSOURCEADDRESSES set to false. This can expose services on the local host. This vulnerability is fixed in 3.27.2...

5.3CVSS6.6AI score0.00844EPSS
Exploits0References3
NVD
NVD
added 2025/01/27 6:15 p.m.22 views

CVE-2025-24354

imgproxy is server for resizing, processing, and converting images. Imgproxy does not block the 0.0.0.0 address, even with IMGPROXYALLOWLOOPBACKSOURCEADDRESSES set to false. This can expose services on the local host. This vulnerability is fixed in 3.27.2...

5.3CVSS0.00844EPSS
Exploits0References2
CVE
CVE
added 2025/01/27 5:23 p.m.100 views

CVE-2025-24354

Imgproxy (CVE-2025-24354) is affected by a Server-Side Request Forgery (SSRF) due to not blocking the 0.0.0.0 address when IMGPROXY_ALLOW_LOOPBACK_SOURCE_ADDRESSES is false. This allows access to local-host services because 0.0.0.0 is not considered loopback by Go’s ip.IsLoopback() check. The iss...

5.3CVSS6.7AI score0.00844EPSS
In wildExploits0References2
OSV
OSV
added 2025/01/27 5:23 p.m.13 views

CVE-2025-24354 imgproxy is vulnerable to SSRF against 0.0.0.0

imgproxy is server for resizing, processing, and converting images. Imgproxy does not block the 0.0.0.0 address, even with IMGPROXYALLOWLOOPBACKSOURCEADDRESSES set to false. This can expose services on the local host. This vulnerability is fixed in 3.27.2...

5.3CVSS6.5AI score0.00844EPSS
Exploits0References4
CNVD
CNVD
added 2019/09/17 12:0 a.m.4 views

SQLite Memory Corruption Vulnerability

SQLite is the United States D. Richard Hipp software developers of a set of C-based open source embedded relational database management system. The system is characterized by independence, isolation, cross-platform and so on. A security vulnerability exists in SQLite version 3.27.2. Currently the...

7.5CVSS7.8AI score0.05673EPSS
Exploits0References1
CNVD
CNVD
added 2019/09/17 12:0 a.m.3 views

SQLite Memory Corruption Vulnerability (CNVD-2019-43407)

SQLite is the United States D. Richard Hipp software developers of a set of C-based open source embedded relational database management system. The system is characterized by independence, isolation, cross-platform and so on. A security vulnerability exists in SQLite version 3.27.2. Currently the...

7.5CVSS7.9AI score0.06253EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/04/08 12:0 a.m.35 views

openSUSE Security Update : sqlite3 (openSUSE-2019-1159)

This update for sqlite3 to version 3.27.2 fixes the following issue : Security issue fixed : - CVE-2018-20346: Fixed a remote code execution vulnerability in FTS3 Magellan bsc1119687. Release notes: https://www.sqlite.org/releaselog/3272.html This update was imported from the SUSE:SLE-15:Update...

8.1CVSS6.7AI score0.09683EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2019/04/05 12:0 a.m.168 views

Security update for sqlite3 (moderate)

openSUSE Security Update: Security update for sqlite3 Announcement ID: openSUSE-SU-2019:1159-1 Rating: moderate References: 1119687 Cross-References: CVE-2018-20346 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for sqlite3 ...

8.1CVSS7.1AI score0.09683EPSS
Exploits1References1
Rows per page
Query Builder