CVE-2026-41185

When Calico is configured with the Azure IPAM plugin, the Calico CNI binary mutates the incoming CNI configuration to attach subnet information before delegating to the IPAM plugin. After mutating, the Azure IPAM helper logs the entire unmarshaled configuration map stdinData at INFO level to...

CVE-2026-40174

Masa CMS is a content management system forked from Mura CMS. In versions 7.5.2 and earlier, the cUsers.updateAddress function does not properly validate anti-CSRF tokens for user address management operations. An attacker can induce a logged-in administrator to submit a forged request that adds,...

CVE-2026-33726 Cilium L7 proxy may bypass Kubernetes NetworkPolicy for same-node traffic

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.14, 1.18.8, and 1.19.2, Ingress Network Policies are not enforced for traffic from pods to L7 Services Envoy, GAMMA with a local backend on the same node, when Per-Endpoint Routing is...

phpIPAM 安全漏洞

phpIPAM is phpIPAM open source a set of open source PHP and MySQL based IP address management applications IPAM. A security vulnerability exists in phpIPAM v1.7.3, which stems from improper neutralization of the instructions parameter and could lead to cross-site scripting attacks...

CVE-2025-13879

Directory traversal vulnerability in SOLIDserver IPAM v8.2.3. This vulnerability allows an authenticated user with administrator privileges to list directories other than those to which the have authorized access using the 'directory' parameter in '/mod/ajax.php?action=sections/list/list'.For...

EUVD-2007-1176

Malware in sbrugna...

EUVD-2023-12862

Malicious code in bioql PyPI...

GestioIP 安全漏洞

GestioIP is a web-based IPv4/IPv6 address management software from GestioIP. A security vulnerability exists in GestioIP 3.0 commit ac67be and prior versions, which stems from an unvalidated ip parameter that could lead to remote command execution...

CVE-2023-0865

The WooCommerce Multiple Customer Addresses & Shipping WordPress plugin before 21.7 does not ensure that the address to add/update/retrieve/delete and duplicate belong to the user making the request, or is from a high privilege users, allowing any authenticated users, such as subscriber to...

phpIPAM 跨站脚本漏洞

phpIPAM is phpIPAM open source set of open source PHP and MySQL based IP address management application IPAM. phpIPAM suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an...

phpIPAM 安全漏洞

phpIPAM is phpIPAM open source set of open source PHP and MySQL based IP address management application IPAM. A cross-site scripting vulnerability exists in phpIPAM version 1.5.2, which stems from the lack of effective filtering and escaping of user-supplied data on the circuits options page, whi...

CVE-2024-21638

Azure IPAM IP Address Management is a lightweight solution developed on top of the Azure platform designed to help Azure customers manage their IP Address space easily and effectively. By design there is no write access to customers' Azure environments as the Service Principal used is only assign...

GestioIP 安全漏洞

GestioIP is a web-based IPv4/IPv6 address management software from GestioIP. A security vulnerability exists in GestioIP version v3.5.7, which stems from vulnerability to cross-site scripting attacks XSS, leading to data disclosure and cross-site request forgery CSRF attacks...

CVE-2024-56562

CVE-2024-56562 relates to the Linux kernel i3c master code. The issue was a copy-paste error that freed the wrong pointer: it freed the dyn_addr instead of init_dyn_addr in i3c_master_put_i3c_addrs(), leading to a mismanagement of the init_dyn_addr resource when boardinfo is present. The patch re...

DEBIAN-CVE-2024-46711

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: fix ID 0 endp usage after multiple re-creations 'localaddrused' and 'addaddraccepted' are decremented for addresses not related to the initial subflow ID0, because the source and destination addresses of the initial...

The vulnerability in the web application for managing IP addresses, app\admin\firewall-zones\zones-edit-network.php, allows a attacker to execute XSS attacks.

The vulnerability in the app\admin\firewall-zones\zones-edit-network.php web application for managing IP addresses via phpipam exists due to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to perform XSS attacks remotely...

NetBox Cross-Site Scripting Vulnerability (CNVD-2024-37579)

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...

NetBox Cross-Site Scripting Vulnerability (CNVD-2024-37595)

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...

NetBox Cross-Site Scripting Vulnerability (CNVD-2024-37586)

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...

NetBox Cross-Site Scripting Vulnerability (CNVD-2024-37588)

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...