Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:23 p.m.13 views

CVE-2026-43897

Link Preview JS extracts web links information. Prior to 4.0.1, the library did not check for IPv6 loopback attacks. There was also a DNS attack, where an address could be resolved into an internal IP. This could cause internal data leaks. This vulnerability is fixed in 4.0.1...

8.7CVSS5.4AI score0.00432EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.24 views

PT-2026-45998

Mercusys AC12G EU V1 with firmware AC12GEU V1 200909 transmits DDNS credentials over plaintext HTTP with only Base64 encoding. The firmware contains no TLS implementation, allowing man-in-the-middle interception of DDNS service credentials...

5.8AI score0.00147EPSS
Exploits0References2
OSV
OSV
added 2025/05/27 1:15 p.m.4 views

UBUNTU-CVE-2025-5270

In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability was fixed in Firefox 139 and Thunderbird 139...

7.5CVSS6.5AI score0.00241EPSS
Exploits0References6
SonicWall
SonicWall
added 2020/07/16 9:26 a.m.8 views

SonicOS SSLVPN External Service Interaction (DNS) Vulnerability

SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction DNS due to improper validation of the request. This vulnerability impact SonicOS version 6.5.4.4-44n and earlier. CVE: CVE-2020-5130 Last updated: July 16, 2020, 9:26 a.m...

5.8CVSS7AI score0.01251EPSS
Exploits0
OSV
OSV
added 2018/08/27 4:29 a.m.1 views

CVE-2018-15895

An SSRF vulnerability was discovered in idreamsoft iCMS 7.0.11 because the remote function in app/spider/spidertools.class.php does not block DNS hostnames associated with private and reserved IP addresses, as demonstrated by 127.0.0.1 in an A record. NOTE: this vulnerability exists because of an...

7.5CVSS5.8AI score0.01489EPSS
Exploits1References1
Rows per page
Query Builder