Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:35 a.m.9 views

CVE-2024-34361

Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. A vulnerability in versions prior to 5.18.3 allows an authenticated user to make internal requests to the server via the gravityDownloadBlocklistFromUrl function. Depending on some...

8.8CVSS6.9AI score0.02828EPSS
Exploits4References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-25351

Malicious code in bioql PyPI...

7.6CVSS6.5AI score0.01414EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2025/02/05 1:7 a.m.11 views

CVE-2024-28247

The Pi-hole is a DNS sinkhole that protects your devices from unwanted content without installing any client-side software. A vulnerability has been discovered in Pihole that allows an authenticated user on the platform to read internal server files arbitrarily, and because the application runs...

7.6CVSS6.3AI score0.01414EPSS
Exploits2References1
Packet Storm
Packet Storm
added 2024/09/27 12:0 a.m.201 views

Backdoor.Win32.Amatu.a MVID-2024-0698 Arbitrary File Write

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/1e2d0b90ffc23e00b743c41064bdcc6b.txt Contact: [email protected] Media: x.com/malvuln Threat: Backdoor.Win32.Amatu.a Vulnerability: Remote Arbitrary File Write RCE Family: Amatu Type: PE32...

7.4AI score
Exploits0
GithubExploit
GithubExploit
added 2024/07/07 9:22 p.m.641 views

Exploit for CVE-2024-34361

CVE-2024-34361 Pi-hole Remote Code Execution SSRF to RCE...

8.5CVSS9.2AI score0.02828EPSS
Exploits4
Cvelist
Cvelist
added 2024/07/05 6:30 p.m.43 views

CVE-2024-34361 Pi-hole Blind Server-Side Request Forgery (SSRF) vulnerability can lead to Remote Code Execution (RCE)

Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. A vulnerability in versions prior to 5.18.3 allows an authenticated user to make internal requests to the server via the gravityDownloadBlocklistFromUrl function. Depending on some...

8.5CVSS0.02828EPSS
Exploits4References2
CVE
CVE
added 2024/07/05 6:30 p.m.68 views

CVE-2024-34361

Pi-hole CVE-2024-34361 affects Core versions before 5.18.3. The vulnerability allows an authenticated user to make internal requests via gravity_DownloadBlocklistFromUrl(), potentially leading to remote code execution (RCE). A patch exists in 5.18.3. Public advisories from Red Hat and OSV describ...

8.8CVSS8.5AI score0.02828EPSS
Exploits4References2Affected Software1
OSV
OSV
added 2024/07/05 6:30 p.m.19 views

CVE-2024-34361 Pi-hole Blind Server-Side Request Forgery (SSRF) vulnerability can lead to Remote Code Execution (RCE)

Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. A vulnerability in versions prior to 5.18.3 allows an authenticated user to make internal requests to the server via the gravityDownloadBlocklistFromUrl function. Depending on some...

8.5CVSS7AI score0.02828EPSS
Exploits4References4
Vulnrichment
Vulnrichment
added 2024/07/05 6:30 p.m.23 views

CVE-2024-34361 Pi-hole Blind Server-Side Request Forgery (SSRF) vulnerability can lead to Remote Code Execution (RCE)

Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. A vulnerability in versions prior to 5.18.3 allows an authenticated user to make internal requests to the server via the gravityDownloadBlocklistFromUrl function. Depending on some...

8.5CVSS7AI score0.02828EPSS
Exploits4References2
NVD
NVD
added 2024/03/27 7:15 p.m.24 views

CVE-2024-28247

The Pi-hole is a DNS sinkhole that protects your devices from unwanted content without installing any client-side software. A vulnerability has been discovered in Pihole that allows an authenticated user on the platform to read internal server files arbitrarily, and because the application runs...

7.6CVSS7.2AI score0.01414EPSS
Exploits2References2
OSV
OSV
added 2024/03/27 6:24 p.m.21 views

CVE-2024-28247 Pihole Authenticated Arbitrary File Read with root privileges

The Pi-hole is a DNS sinkhole that protects your devices from unwanted content without installing any client-side software. A vulnerability has been discovered in Pihole that allows an authenticated user on the platform to read internal server files arbitrarily, and because the application runs...

7.6CVSS6.3AI score0.01414EPSS
Exploits2References4
CVE
CVE
added 2024/03/27 6:24 p.m.69 views

CVE-2024-28247

Pi-hole Core (DNS sinkhole) is affected by CVE-2024-28247 due to an authenticated Arbitrary File Read via the file:// handling path. The issue allows an authenticated user to read internal server files, exploiting local-file update logic where non-domain lines printed from a provided file could r...

7.6CVSS7.2AI score0.01414EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2024/03/27 6:24 p.m.32 views

CVE-2024-28247 Pihole Authenticated Arbitrary File Read with root privileges

The Pi-hole is a DNS sinkhole that protects your devices from unwanted content without installing any client-side software. A vulnerability has been discovered in Pihole that allows an authenticated user on the platform to read internal server files arbitrarily, and because the application runs...

7.6CVSS7.4AI score0.01414EPSS
Exploits2References2
OSV
OSV
added 2020/07/17 7:15 p.m.5 views

CVE-2020-1645

When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon mspmand process, responsible for managing "URL Filtering service", may crash, causing the...

8.3CVSS7.2AI score0.00627EPSS
Exploits0References1
Rows per page
Query Builder