28 matches found
EUVD-2019-19918
BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the DNS Address field that allows local attackers to crash the application by supplying an excessively long string. Attackers can enable the DNS Address option in the Firewall settings and paste a buffer of 700 bytes...
CVE-2019-25588
BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the DNS Address field that allows local attackers to crash the application by supplying an excessively long string. Attackers can enable the DNS Address option in the Firewall settings and paste a buffer of 700 bytes...
CVE-2019-25588
BulletProof FTP Server 2019.0.0.50 contains a local denial-of-service vulnerability in the DNS Address field. By enabling DNS Address in the Firewall settings and pasting a ~700-byte buffer, an attacker can crash the application when Test is invoked. Affects BulletProof FTP Server 2019.0.0.50; ro...
CVE-2019-25588
BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the DNS Address field that allows local attackers to crash the application by supplying an excessively long string. Attackers can enable the DNS Address option in the Firewall settings and paste a buffer of 700 bytes...
EUVD-2015-8755
Malware in sbrugna...
EUVD-2023-26929
Malicious code in bioql PyPI...
CVE-2021-36380
Sunhillo SureLine before 8.7.0.1.1 allows Unauthenticated OS Command Injection via shell metacharacters in ipAddr or dnsAddr to /cgi/networkDiag.cgi...
Exploit for CVE-2024-28255
OpenMetadataRCE CVE-2024-28255 Batch scan/exploit 1.このツー...
CVE-2023-22817
Server-side request forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL using another DNS address to point back to the loopback adapter. This could then allow the URL to exploit other vulnerabilities on the local server. This was addressed by fixing D...
CVE-2023-22817
CVE-2023-22817 describes an SSRF vulnerability in Western Digital My Cloud OS 5 (prior to 5.27.161), My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices (prior to 9.5.1-104). The issue stems from insufficient validation of incoming requests, allowing a rogue server on the local network to m...
CVE-2023-22817 Server-side Request Forgery vulnerability in Western Digital My Cloud, My Cloud Home and SanDisk ibi products
Server-side request forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL using another DNS address to point back to the loopback adapter. This could then allow the URL to exploit other vulnerabilities on the local server. This was addressed by fixing D...
SUSE-SU-2024:0317-1 Security update for openconnect
This update for openconnect fixes the following issues: - Update to release 9.12: Explicitly reject overly long tun device names. Increase maximum input size from stdin (#579). Ignore 0.0.0.0 as NBNS address (!446, vpnc-scripts#58). Fix stray (null) in URL path after Pulse authentication (4023bd95). Fix...
VulnCheck KEV: CVE-2021-36380
Sunhillo SureLine contains an OS command injection vulnerability that allows an attacker to cause a denial-of-service or utilize the device for persistence on the network via shell metacharacters in ipAddr or dnsAddr in /cgi/networkDiag.cgi...
SUSE CVE-2015-8899
Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally...
SAMSUNG Mobile devices security vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung (SAMSUNG). A security vulnerability exists in SAMSUNG Mobile devices SMR Jan-2023 Release 1 prior to Release 1, which stems from incorrect authorization manageme...
The vulnerability of the cgi/networkDiag.cgi implementation of the SureLine aircraft monitoring application, which allows a violator to execute arbitrary commands
The vulnerability of the cgi/networkDiag.cgi implementation of the SureLine monitoring application exists because measures are not taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands...
CVE-2021-36380
Sunhillo SureLine before 8.7.0.1.1 allows Unauthenticated OS Command Injection via shell metacharacters in ipAddr or dnsAddr to /cgi/networkDiag.cgi...
BulletProof FTP Server 2019.0.0.50 - (DNS Address) Denial of Service Exploit
Exploit Title: BulletProof FTP Server 2019.0.0.50 - 'DNS Address' Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: http://bpftpserver.com/ Software Link: http://bpftpserver.com/products/bpftpserver/windows/download Tested Version: 2019.0.0.50 Tested on: Windows 10 Single...
BulletProof FTP Server 2019.0.0.50 - 'DNS Address' Denial of Service (PoC)
Exploit Title: BulletProof FTP Server 2019.0.0.50 - 'DNS Address' Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-05-18 Vendor Homepage: http://bpftpserver.com/ Software Link: http://bpftpserver.com/products/bpftpserver/windows/download Tested Version: 2019.0.0.50 Tested...
BulletProof FTP Server 2019.0.0.50 - DNS Address Denial of Service (PoC)
BulletProof FTP Server 2019.0.0.50 - DNS Address Denial of Service PoC Exploit Title: BulletProof FTP Server 2019.0.0.50 - 'DNS Address' Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-05-18 Vendor Homepage: http://bpftpserver.com/ Software Link:...