Ivanti Connect Secure - XXE

Ivanti Connect Secure is vulnerable to XXE XML External Entity injection. id: CVE-2024-22024 info: name: Ivanti Connect Secure - XXE author: watchTowr severity: high description: | Ivanti Connect Secure is vulnerable to XXE XML External Entity injection. impact: | Successful exploitation of this...

CVE-2025-13147 External Service Interaction (DNS)

Server-Side Request Forgery SSRF vulnerability in Progress MOVEit Transfer.This issue affects MOVEit Transfer: before 2024.1.8, from 2025.0.0 before 2025.0.4...

EUVD-2020-26377

Malware in sbrugna...

EUVD-2019-0427

Malware in sbrugna...

CVE-2020-5130

SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction DNS due to improper validation of the request. This vulnerability impact SonicOS version 6.5.4.4-44n and earlier...

CVE-2019-10648

Robocode through 1.9.3.5 allows remote attackers to cause external service interaction DNS, as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL...

Krisp: Log4j CVE-2021–44228

The researcher's canary token got DNS interaction, which raised a false sense of log4shell vulnerability. $hostName would be exfiltrated if any of the processing servers were vulnerable, but as seen in the video submitted by the researcher just a plain DNS resolving was made...

CVE-2020-29075

Acrobat Reader DC versions 2020.013.20066 and earlier, 2020.001.30010 and earlier and 2017.011.30180 and earlier are affected by an information exposure vulnerability, that could enable an attacker to get a DNS interaction and track if the user has opened or closed a PDF file when loaded from the...

CVE-2020-29075

Acrobat Reader DC versions 2020.013.20066 and earlier, 2020.001.30010 and earlier and 2017.011.30180 and earlier are affected by an information exposure vulnerability, that could enable an attacker to get a DNS interaction and track if the user has opened or closed a PDF file when loaded from the...

Information disclosure

Acrobat Reader DC versions 2020.013.20066 and earlier, 2020.001.30010 and earlier and 2017.011.30180 and earlier are affected by an information exposure vulnerability, that could enable an attacker to get a DNS interaction and track if the user has opened or closed a PDF file when loaded from the...

CVE-2020-29075 PDF Injection BlackHat Talk

Acrobat Reader DC versions 2020.013.20066 and earlier, 2020.001.30010 and earlier and 2017.011.30180 and earlier are affected by an information exposure vulnerability, that could enable an attacker to get a DNS interaction and track if the user has opened or closed a PDF file when loaded from the...

CVE-2020-29075

CVE-2020-29075 affects Adobe Acrobat/Reader (Acrobat Reader DC versions 2020.013.20066 and earlier, 2020.001.30010 and earlier, and 2017.011.30180 and earlier). The root cause is an information-disclosure vulnerability where two JavaScript functions perform DNS lookups when a PDF is loaded from t...

Adobe Acrobat < 2017.011.30188 / 2020.001.30018 / 2020.013.20074 Vulnerability (APSB20-75) (macOS)

The version of Adobe Acrobat installed on the remote macOS host is a version prior to 2017.011.30188, 2020.001.30018, or 2020.013.20074. It is, therefore, affected by a vulnerability. - Acrobat Reader DC versions 2020.013.20066 and earlier, 2020.001.30010 and earlier and 2017.011.30180 and earlie...

Adobe Acrobat < 2017.011.30188 / 2020.001.30018 / 2020.013.20074 Vulnerability (APSB20-75)

The version of Adobe Acrobat installed on the remote Windows host is a version prior to 2017.011.30188, 2020.001.30018, or 2020.013.20074. It is, therefore, affected by a vulnerability. - Acrobat Reader DC versions 2020.013.20066 and earlier, 2020.001.30010 and earlier and 2017.011.30180 and...

Adobe Reader < 2017.011.30188 / 2020.001.30018 / 2020.013.20074 Vulnerability (APSB20-75) (macOS)

The version of Adobe Reader installed on the remote macOS host is a version prior to 2017.011.30188, 2020.001.30018, or 2020.013.20074. It is, therefore, affected by a vulnerability. - Acrobat Reader DC versions 2020.013.20066 and earlier, 2020.001.30010 and earlier and 2017.011.30180 and earlier...

Design/Logic Flaw

Robocode through 1.9.3.5 allows remote attackers to cause external service interaction DNS, as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL...

CVE-2019-10648

Robocode through 1.9.3.5 allows remote attackers to cause external service interaction DNS, as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL...

CVE-2019-10648

Robocode through 1.9.3.5 allows remote attackers to cause external service interaction DNS, as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL...

CVE-2019-10648

Robocode through 1.9.3.5 allows remote attackers to cause external service interaction DNS, as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL...

CVE-2019-10648

CVE-2019-10648 affects Robocode up to version 1.9.3.5. The root cause is a .openStream call in java.net.URL, which allows remote attackers to trigger external service interaction (DNS) by querying attacker‑controlled DNS zones. This can enable exfiltration or other DNS interactions when a vulnera...