162 matches found

FreeBSD
added 2026/03/31 12:00 a.m., 3 views

DNSdist -- vulnerabilities

https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-02.html reports: CVE-2026-0396: HTML injection in the web dashboard; CVE-2026-0397: Information disclosure via CORS misconfiguration; CVE-2026-24028: Out-of-bounds read when parsing DNS packets via Lua; CVE-2026-24029: DN...

CVSS 8.2, AI score 5.8, EPSS 0.00009
Exploits: 0, References: 1
EUVD
added 2025/10/03 8:07 p.m., 1 view

EUVD-2024-54079

Malicious code in bioql PyPI...

CVSS 9.8, AI score 6.6, EPSS 0.00121
Exploits: 0, References: 1
Exploit DB
added 2025/05/18 12:00 a.m., 285 views

CrushFTP 11.3.1 - Authentication Bypass

Exploit Title: CrushFTP 11.3.1 - Authentication Bypass; Date: 2025-05-15; Exploit Author: @İbrahimsql; Exploit Author's github: https://github.com/ibrahimsql; Vendor Homepage: https://www.crushftp.com; Software Link: https://www.crushftp.com/download.html; Version: =2.28.1 , colorama=0.4.6 ,...

CVSS 9.8, AI score 7.4, EPSS 0.88937
Exploits: 20
RedhatCVE
added 2025/03/16 4:28 p.m., 16 views

CVE-2024-55594

An improper handling of syntactically invalid structure in Fortinet FortiWeb, at least versions 7.4.0 through 7.4.6, 7.2.0 through 7.2.10 and 7.0.0 through 7.0.10, allows an attacker to execute unauthorized code or commands via crafted HTTP/S requests...

CVSS 9.8, AI score 7.7, EPSS 0.00121
Exploits: 0, References: 1
Vulnrichment
added 2025/03/14 4:25 p.m., 7 views

CVE-2024-55594

An improper handling of syntactically invalid structure in Fortinet FortiWeb, at least versions 7.4.0 through 7.4.6, 7.2.0 through 7.2.10 and 7.0.0 through 7.0.10, allows an attacker to execute unauthorized code or commands via crafted HTTP/S requests...

CVSS 5.6, AI score 5.9, EPSS 0.00121
Exploits: 0, References: 1
Positive Technologies
added 2025/03/11 12:00 a.m., 1 view

PT-2025-10767 · Fortinet · Fortiweb

Name of the Vulnerable Software and Affected Versions: Fortinet FortiWeb versions 7.0.0 through 7.0.10; Fortinet FortiWeb versions 7.2.0 through 7.2.10; Fortinet FortiWeb versions 7.4.0 through 7.4.6. Description: The issue is related to the improper handling of syntactically invalid structures,...

CVSS 9.8, AI score 7, EPSS 0.00117
Exploits: 0, References: 9
IBM Security Bulletins
added 2025/02/06 8:54 p.m., 22 views

Security Bulletin: IBM Technical Support Appliance - possible excessive use of CPU

Summary: The HTTPS protocol is used during web sessions by a TSA user as well as for data transfers from TSA to IBM. Vulnerability Details: CVEID: CVE-2024-28182. DESCRIPTION: nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps...

CVSS 5.3, AI score 6.6, EPSS 0.24971
Exploits: 1, Affected Software: 1
Cvelist
added 2024/11/29 6:26 p.m., 18 views

CVE-2024-52801 Brute force takeover of OpenID Connect session cookies in sftpgo

sftpgo is a full-featured and highly configurable event-driven file transfer solution. Server protocols: SFTP, HTTP/S, FTP/S, WebDAV. The OpenID Connect implementation allows authenticated users to brute force session cookies and thereby gain access to other users' data, since the cookies are...

CVSS 5.3, EPSS 0.00106
Exploits: 0, References: 3
Github Security Blog
added 2024/11/25 9:30 a.m., 15 views

OpenShift Console Server Side Request Forgery vulnerability

A flaw was found in OpenShift Console. A Server-Side Request Forgery (SSRF) attack can happen if an attacker supplies all or part of a URL to the server to query. The server is considered to be in a privileged network position and can often reach exposed services that aren't readily available to...

CVSS 5.3, AI score 6.5, EPSS 0.00174
Exploits: 0, References: 9, Affected Software: 1
Tenable Nessus
added 2024/10/26 12:00 a.m., 11 views

Fortinet Fortigate fails to block malformed HTTP/S traffic when transparent proxy is enabled (FG-IR-20-172)

The version of FortiGate installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-20-172 advisory. - When traffic other than HTTP/S (e.g. SSH traffic, etc.) traverses the FortiGate in versions below 6.2.5 and below 6.4.2 on po...

CVSS 7.5, AI score 7.5, EPSS 0.00353
Exploits: 0, References: 2
Tenable Nessus
added 2024/10/09 12:00 a.m., 13 views

CentOS 7 : buildah (RHSA-2020:2116)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2116 advisory. - A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious containe...

CVSS 9.3, AI score 6.3, EPSS 0.00258
Exploits: 1, References: 3
Tenable Nessus
added 2024/09/24 12:00 a.m., 23 views

EulerOS 2.0 SP8 : curl (EulerOS-SA-2024-2460)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowe...

CVSS 8.6, AI score 6.7, EPSS 0.02015
Exploits: 2, References: 3
OpenVAS
added 2024/08/05 12:00 a.m., 5 views

IBM Storwize / FlashSystem Detection Consolidation

Consolidation of IBM Storwize / FlashSystem detections. SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. include("plugin_feed_info.inc"); if...

AI score 7.1
Exploits: 0, References: 1
Veracode
added 2024/07/08 4:23 a.m., 11 views

Server-Side Request Forgery

github.com/go-skynet/localai is vulnerable to Server-Side Request Forgery. The vulnerability is due to the /models/apply endpoint supporting both https:// and file:// schemes, which can lead to LFI. The attacker can exploit this vulnerability with network access to the LocalAI instance, potential...

CVSS 5.8, AI score 6.4, EPSS 0.86379
Exploits: 1, References: 2, Affected Software: 1
OSV
added 2024/07/06 6:15 p.m., 8 views

CVE-2024-6095

A vulnerability in the /models/apply endpoint of mudler/localai version 2.15.0 allows for Server-Side Request Forgery (SSRF) and partial Local File Inclusion (LFI). The endpoint supports both https:// and file:// schemes, where the latter can lead to LFI. However, the output is limited due to the...

CVSS 5.8, AI score 6.4
Exploits: 0, References: 2
Vulnrichment
added 2024/07/06 5:48 p.m., 17 views

CVE-2024-6095 SSRF and Partial LFI in /models/apply Endpoint in mudler/localai

A vulnerability in the /models/apply endpoint of mudler/localai version 2.15.0 allows for Server-Side Request Forgery (SSRF) and partial Local File Inclusion (LFI). The endpoint supports both https:// and file:// schemes, where the latter can lead to LFI. However, the output is limited due to the...

CVSS 5.8, AI score 6.4, EPSS 0.86379
Exploits: 1, References: 2
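The three LocalAI entries above and the OpenShift Console entry earlier on this page describe the same class of flaw: a server fetches a URL that the client controls, so the client can point it at file:// (LFI) or at hosts the server can reach but the client cannot (SSRF). The following is an added example, not code from LocalAI, the OpenShift Console or any other project listed here. It shows the two checks a fetcher needs before it makes any request: a scheme allowlist and a check that every address the host resolves to is public. The names in SAMPLE_DNS are constructed so the example runs offline; validate_fetch_url, is_safe_to_fetch and sample_resolve are names chosen for this example.

```python
"""Validate a client-supplied URL before a server-side fetch.

Added example; not code from LocalAI or the OpenShift Console. Two checks run
before any request is made:
  1. scheme allowlist  - only http/https, so file:// (the LFI vector) is refused;
  2. destination check - every address the host resolves to must be public, so
     the fetch cannot be aimed at loopback, link-local metadata services or
     internal RFC 1918 space (the SSRF vector).
"""
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}

# Constructed sample DNS table (hypothetical names and addresses) so the example
# runs offline; validate_fetch_url() defaults to the real socket.getaddrinfo.
SAMPLE_DNS = {
    "models.example.com": "93.184.216.34",   # public address
    "gitlab.internal": "10.0.0.5",           # RFC 1918, internal network
    "metadata": "169.254.169.254",           # link-local cloud metadata endpoint
}


def sample_resolve(host, port, proto=socket.IPPROTO_TCP):
    """getaddrinfo-shaped lookup against SAMPLE_DNS (offline stand-in)."""
    if host not in SAMPLE_DNS:
        raise socket.gaierror(f"unknown host {host!r}")
    return [(socket.AF_INET, socket.SOCK_STREAM, proto, "", (SAMPLE_DNS[host], port))]


def is_public(ip) -> bool:
    """True only for globally routable unicast addresses."""
    return not (
        ip.is_private or ip.is_loopback or ip.is_link_local
        or ip.is_multicast or ip.is_reserved or ip.is_unspecified
    )


def validate_fetch_url(url: str, resolve=socket.getaddrinfo) -> str:
    """Return `url` if it is safe to fetch server-side, else raise ValueError."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname  # lower-cased; brackets stripped for IPv6 literals
    if not host:
        raise ValueError("URL has no host")
    if parts.username is not None or parts.password is not None:
        raise ValueError("credentials in URL are not allowed")
    port = parts.port or (443 if scheme == "https" else 80)
    try:
        addrs = [ipaddress.ip_address(host)]  # literal IP: no lookup needed
    except ValueError:
        try:
            infos = resolve(host, port, proto=socket.IPPROTO_TCP)
        except socket.gaierror as exc:
            raise ValueError(f"cannot resolve host {host!r}") from exc
        addrs = [ipaddress.ip_address(info[4][0]) for info in infos]
    for ip in addrs:
        if not is_public(ip):
            raise ValueError(f"destination {ip} is not a public address")
    # The caller must connect to one of `addrs`, not re-resolve `host`; otherwise
    # a DNS-rebinding attacker can pass this check and then redirect the fetch.
    return url


def is_safe_to_fetch(url: str, resolve=sample_resolve) -> bool:
    """Boolean wrapper over validate_fetch_url (offline resolver by default)."""
    try:
        validate_fetch_url(url, resolve=resolve)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    for u in ("https://models.example.com/gallery.yaml", "file:///etc/passwd",
              "http://127.0.0.1:8080/", "http://metadata/latest/meta-data/",
              "http://gitlab.internal/", "http://[::1]/",
              "gopher://models.example.com/"):
        print(f"{u:45} -> {'allowed' if is_safe_to_fetch(u) else 'blocked'}")
```

The scheme allowlist alone would have closed the file:// LFI path in the LocalAI entries; the address check is what closes the SSRF path the OpenShift entry describes. Hand the validated address, not the host name, to the HTTP client, so the connection cannot be re-resolved to a different address after the check.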
NVD
added 2024/04/05 3:15 p.m., 6 views

CVE-2024-31220

Sunshine is a self-hosted game stream host for Moonlight. Starting in version 0.16.0 and prior to version 0.18.0, an attacker may be able to remotely read arbitrary files without authentication due to a path traversal vulnerability. Users who exposed the Sunshine configuration web user interface...

CVSS 7.3, AI score 7.3, EPSS 0.00182
Exploits: 0, References: 2
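The Sunshine entry above (unauthenticated arbitrary file read through its web UI) and the Buildah entry earlier on the page are both path traversal bugs. The following is an added example, not code from Sunshine or Buildah, of the containment check such code needs: decode the request path once, join it to the base directory, canonicalise the result, and accept it only if the base directory is that result or one of its ancestors. The base directory /srv/app/static and the function names are chosen for this example.

```python
"""Confine a client-supplied path to a base directory.

Added example; not code from Sunshine or Buildah. The check canonicalises the
joined path (collapsing '..' and following symlinks) and then tests containment
on the canonical form, never on the raw string.
"""
from pathlib import Path
from urllib.parse import unquote


def resolve_inside(base: str, user_path: str) -> Path:
    """Return the canonical path for `user_path` under `base`, or raise ValueError."""
    if "\x00" in user_path:
        raise ValueError("NUL byte in path")
    base_dir = Path(base).resolve()
    # Path(base) / "/etc/passwd" yields "/etc/passwd": an absolute component
    # discards the base entirely, which is one reason the containment check
    # must run on the resolved candidate rather than on the input string.
    candidate = (base_dir / user_path).resolve()  # strict=False: unresolved paths are fine
    # resolve() follows symlinks, so a link inside base that points outside is
    # rejected here as well.
    if candidate != base_dir and base_dir not in candidate.parents:
        raise ValueError(f"path escapes base directory: {user_path!r}")
    return candidate


def resolve_request_path(base: str, raw_request_path: str) -> Path:
    """Decode a URL path exactly once, treat it as relative to the web root, confine it."""
    # Decoding once means a double-encoded "..%252f" stays the literal filename
    # component "..%2f" instead of becoming a second level of traversal.
    decoded = unquote(raw_request_path)
    # A request path's leading "/" denotes the web root, i.e. `base`.
    return resolve_inside(base, decoded.lstrip("/"))


def escapes_base(base: str, user_path: str, url_encoded: bool = False) -> bool:
    """True if the supplied path would resolve outside `base`."""
    try:
        if url_encoded:
            resolve_request_path(base, user_path)
        else:
            resolve_inside(base, user_path)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    BASE = "/srv/app/static"  # hypothetical web root
    for p in ("css/site.css", "css/../index.html", "../../etc/passwd", "/etc/passwd"):
        print(f"{p:25} -> {'ESCAPES' if escapes_base(BASE, p) else 'ok'}")
    for p in ("/..%2f..%2fetc/passwd", "/..%252f..%252fetc/passwd"):
        print(f"{p:25} -> {'ESCAPES' if escapes_base(BASE, p, url_encoded=True) else 'ok'}")
```

Containment is tested with `Path.parents` on the resolved candidate rather than with a string prefix test, because a prefix test on "/srv/app/static" would also accept "/srv/app/static-old/secret".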
Tenable Nessus
added 2024/04/05 12:00 a.m., 50 views

Rocky Linux 8 : curl (RLSA-2024:1601)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:1601 advisory. - An information disclosure vulnerability exists in curl before v8.1.0: when doing HTTP(S) transfers, libcurl might erroneously use the read callback...

CVSS 6.5, AI score 7.5, EPSS 0.00631
Exploits: 2, References: 8
Tenable Nessus
added 2024/04/02 12:00 a.m., 175 views

CentOS 8 : curl (CESA-2024:1601)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:1601 advisory. - An information disclosure vulnerability exists in curl before v8.1.0: when doing HTTP(S) transfers, libcurl might erroneously use the read callback...

CVSS 6.5, AI score 7.4, EPSS 0.00631
Exploits: 2, References: 4
Tenable Nessus
added 2024/02/29 12:00 a.m., 37 views

CentOS 9 : curl-7.76.1-20.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the curl-7.76.1-20.el9 build changelog. - An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse of OAUTH2-authenticated...

CVSS 9.8, AI score 6.7, EPSS 0.03367
Exploits: 9, References: 10