Lucene search
K

7 matches found

Vulnrichment
Vulnrichment
added 2026/04/21 2:14 p.m.4 views

CVE-2026-1089 User‑Controlled HTTP Header In Fortra's GoAnywhere MFT Allows Arbitrary DNS Lookups

User‑Controlled HTTP Header in Fortra's GoAnywhere MFT prior to version 7.10.0 allows attackers to trigger a DNS lookup, as well as DNS Rebinding and Information Disclosure...

6.5CVSS5.8AI score0.00229EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.10 views

Fortra GoAnywhere MFT 安全漏洞

Fortra GoAnywhere MFT is a file transfer software developed by the American company Fortra. Versions of Fortra GoAnywhere MFT prior to version 7.10.0 contained security vulnerabilities. These vulnerabilities stemmed from user-controlled HTTP headers, which could allow attackers to trigger DNS...

6.5CVSS5.8AI score0.00229EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.11 views

cert-manager 代码问题漏洞

cert-manager is an open-source certificate manager developed by cert-manager. It converts certificates and certificate authorities into resource types within a Kubernetes cluster, simplifying the process of obtaining, renewing, and using these certificates. There were code vulnerabilities in...

5.9CVSS5.9AI score0.00349EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:45 a.m.2 views

SUSE CVE-2012-3517

Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a denial of service daemon crash via vectors related to failed DNS requests...

5CVSS9AI score0.02775EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:1 a.m.3 views

SUSE CVE-2020-8277

A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions 15.2.1, 14.15.1, and 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and...

7.5CVSS6.7AI score0.54164EPSS
Exploits0References21
OSV
OSV
added 2021/02/22 9:15 p.m.3 views

CVE-2020-36232

The MessageBundleWhiteList class of atlassian-gadgets before version 4.2.37, from version 4.3.0 before 4.3.14, from version 4.3.2.0 before 4.3.2.4, from version 4.4.0 before 4.4.12, and from version 5.0.0 before 5.0.1 allowed unexpected DNS lookups and requests to arbitrary services as it...

5CVSS6AI score
Exploits0References1
OSV
OSV
added 2019/03/30 1:29 p.m.3 views

DEBIAN-CVE-2019-10648

Robocode through 1.9.3.5 allows remote attackers to cause external service interaction DNS, as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL...

9.8CVSS6.9AI score0.02226EPSS
Exploits0References1
Rows per page
Query Builder