23 matches found
Ivanti Connect Secure - XXE
Ivanti Connect Secure is vulnerable to XXE XML External Entity injection. id: CVE-2024-22024 info: name: Ivanti Connect Secure - XXE author: watchTowr severity: high description: | Ivanti Connect Secure is vulnerable to XXE XML External Entity injection. impact: | Successful exploitation of this...
CVE-2025-13147 External Service Interaction (DNS)
Server-Side Request Forgery SSRF vulnerability in Progress MOVEit Transfer.This issue affects MOVEit Transfer: before 2024.1.8, from 2025.0.0 before 2025.0.4...
EUVD-2019-0427
Malware in sbrugna...
EUVD-2020-26377
Malware in sbrugna...
CVE-2020-5130
SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction DNS due to improper validation of the request. This vulnerability impact SonicOS version 6.5.4.4-44n and earlier...
CVE-2019-10648
Robocode through 1.9.3.5 allows remote attackers to cause external service interaction DNS, as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL...
Krisp: Log4j CVE-2021–44228
The researcher's canary token got DNS interaction, which raised a false sense of log4shell vulnerability. $hostName would be exfiltrated if any of the processing servers were vulnerable, but as seen in the video submitted by the researcher just a plain DNS resolving was made...
CVE-2020-29075
Acrobat Reader DC versions 2020.013.20066 and earlier, 2020.001.30010 and earlier and 2017.011.30180 and earlier are affected by an information exposure vulnerability, that could enable an attacker to get a DNS interaction and track if the user has opened or closed a PDF file when loaded from the...
CVE-2020-29075
Acrobat Reader DC versions 2020.013.20066 and earlier, 2020.001.30010 and earlier and 2017.011.30180 and earlier are affected by an information exposure vulnerability, that could enable an attacker to get a DNS interaction and track if the user has opened or closed a PDF file when loaded from the...
Information disclosure
Acrobat Reader DC versions 2020.013.20066 and earlier, 2020.001.30010 and earlier and 2017.011.30180 and earlier are affected by an information exposure vulnerability, that could enable an attacker to get a DNS interaction and track if the user has opened or closed a PDF file when loaded from the...
CVE-2020-29075 PDF Injection BlackHat Talk
Acrobat Reader DC versions 2020.013.20066 and earlier, 2020.001.30010 and earlier and 2017.011.30180 and earlier are affected by an information exposure vulnerability, that could enable an attacker to get a DNS interaction and track if the user has opened or closed a PDF file when loaded from the...
CVE-2020-29075
CVE-2020-29075 affects Adobe Acrobat/Reader (Acrobat Reader DC versions 2020.013.20066 and earlier, 2020.001.30010 and earlier, and 2017.011.30180 and earlier). The root cause is an information-disclosure vulnerability where two JavaScript functions perform DNS lookups when a PDF is loaded from t...
Adobe Reader < 2017.011.30188 / 2020.001.30018 / 2020.013.20074 Vulnerability (APSB20-75) (macOS)
The version of Adobe Reader installed on the remote macOS host is a version prior to 2017.011.30188, 2020.001.30018, or 2020.013.20074. It is, therefore, affected by a vulnerability. - Acrobat Reader DC versions 2020.013.20066 and earlier, 2020.001.30010 and earlier and 2017.011.30180 and earlier...
Adobe Acrobat < 2017.011.30188 / 2020.001.30018 / 2020.013.20074 Vulnerability (APSB20-75) (macOS)
The version of Adobe Acrobat installed on the remote macOS host is a version prior to 2017.011.30188, 2020.001.30018, or 2020.013.20074. It is, therefore, affected by a vulnerability. - Acrobat Reader DC versions 2020.013.20066 and earlier, 2020.001.30010 and earlier and 2017.011.30180 and earlie...
Adobe Acrobat < 2017.011.30188 / 2020.001.30018 / 2020.013.20074 Vulnerability (APSB20-75)
The version of Adobe Acrobat installed on the remote Windows host is a version prior to 2017.011.30188, 2020.001.30018, or 2020.013.20074. It is, therefore, affected by a vulnerability. - Acrobat Reader DC versions 2020.013.20066 and earlier, 2020.001.30010 and earlier and 2017.011.30180 and...
Design/Logic Flaw
Robocode through 1.9.3.5 allows remote attackers to cause external service interaction DNS, as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL...
CVE-2019-10648
Robocode through 1.9.3.5 allows remote attackers to cause external service interaction DNS, as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL...
CVE-2019-10648
Robocode through 1.9.3.5 allows remote attackers to cause external service interaction DNS, as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL...
CVE-2019-10648
Robocode through 1.9.3.5 allows remote attackers to cause external service interaction DNS, as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL...
CVE-2019-10648
Robocode through 1.9.3.5 allows remote attackers to cause external service interaction DNS, as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL...