7 matches found
CVE-2026-1089 User‑Controlled HTTP Header In Fortra's GoAnywhere MFT Allows Arbitrary DNS Lookups
User‑Controlled HTTP Header in Fortra's GoAnywhere MFT prior to version 7.10.0 allows attackers to trigger a DNS lookup, as well as DNS Rebinding and Information Disclosure...
Fortra GoAnywhere MFT 安全漏洞
Fortra GoAnywhere MFT is a file transfer software developed by the American company Fortra. Versions of Fortra GoAnywhere MFT prior to version 7.10.0 contained security vulnerabilities. These vulnerabilities stemmed from user-controlled HTTP headers, which could allow attackers to trigger DNS...
cert-manager 代码问题漏洞
cert-manager is an open-source certificate manager developed by cert-manager. It converts certificates and certificate authorities into resource types within a Kubernetes cluster, simplifying the process of obtaining, renewing, and using these certificates. There were code vulnerabilities in...
SUSE CVE-2012-3517
Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a denial of service daemon crash via vectors related to failed DNS requests...
SUSE CVE-2020-8277
A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions 15.2.1, 14.15.1, and 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and...
CVE-2020-36232
The MessageBundleWhiteList class of atlassian-gadgets before version 4.2.37, from version 4.3.0 before 4.3.14, from version 4.3.2.0 before 4.3.2.4, from version 4.4.0 before 4.4.12, and from version 5.0.0 before 5.0.1 allowed unexpected DNS lookups and requests to arbitrary services as it...
DEBIAN-CVE-2019-10648
Robocode through 1.9.3.5 allows remote attackers to cause external service interaction DNS, as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL...