11 matches found
Astra Linux – Vulnerability in Wireshark
Improper URL handling in Wireshark versions 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 may allow for remote code execution through packet injection or crafted capture files...
PT-2026-45737
D.Launcher 2 component of Slovak eID client ecosystem contains Improper URL Handler Processing vulnerability. Application registers multiple custom URL handlers that could be exploited to initiate full NTLM autentication or SMB connection to attacker infrastructure and to conduct SSRF Server Side...
dify 安全漏洞
dify is an open-source LLM application development platform developed by LangGenius. Versions of dify prior to 0.6.9 contained security vulnerabilities. These vulnerabilities were caused by improper handling of the parameter url in the getapitoolproviderremoteschema function of the...
EulerOS 2.0 SP13 : python3 (EulerOS-SA-2025-1323)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The urllib.parse.urlsplit and urlparse functions improperly validated bracketed hosts , allowing hosts that weren't IPv6 or IPvFuture. This...
CVE-2024-56331 Local File Inclusion (LFI) via Improper URL Handling in uptime-kuma's `Real-Browser` monitor
Uptime Kuma is an open source, self-hosted monitoring tool. An Improper URL Handling Vulnerability allows an attacker to access sensitive local files on the server by exploiting the file:/// protocol. This vulnerability is triggered via the "real-browser" request type, which takes a screenshot of...
CVE-2024-56331
CVE-2024-56331 affects Uptime Kuma’s real-browser monitor, enabling Local File Inclusion via file:/// URLs. The vulnerability arises from insufficient server-side validation of the URL input, allowing an authenticated user to trigger the browser to fetch and capture local files (e.g., /etc/passwd...
CVE-2024-56331 Local File Inclusion (LFI) via Improper URL Handling in uptime-kuma's `Real-Browser` monitor
Uptime Kuma is an open source, self-hosted monitoring tool. An Improper URL Handling Vulnerability allows an attacker to access sensitive local files on the server by exploiting the file:/// protocol. This vulnerability is triggered via the "real-browser" request type, which takes a screenshot of...
GHSA-2QGM-M29M-CJ2H uptime-kuma vulnerable to Local File Inclusion (LFI) via Improper URL Handling in `Real-Browser` monitor
Summary An Improper URL Handling Vulnerability allows an attacker to access sensitive local files on the server by exploiting the file:/// protocol. This vulnerability is triggered via the "real-browser" request type, which takes a screenshot of the URL provided by the attacker. By supplying loca...
uptime-kuma vulnerable to Local File Inclusion (LFI) via Improper URL Handling in `Real-Browser` monitor
Summary An Improper URL Handling Vulnerability allows an attacker to access sensitive local files on the server by exploiting the file:/// protocol. This vulnerability is triggered via the "real-browser" request type, which takes a screenshot of the URL provided by the attacker. By supplying loca...
UBUNTU-CVE-2021-22191
Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file...
CVE-2019-0921
An spoofing vulnerability exists when Internet Explorer improperly handles URLs, aka 'Internet Explorer Spoofing Vulnerability'...