The vulnerability of PPMD in Juniper Networks Junos router series MX operating systems allows a attacker to cause a service failure.

The vulnerability of the PPMD module in Juniper Networks Junos routers of the MX series operating systems is related to improper handling of indeterminate values. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...

The vulnerability of the Packet Forwarding Engine (PFE) module in the JunOS and JunOS Evolved operating systems allows a hacker to trigger a service failure.

The vulnerability of the Packet Forwarding Engine PFE module in the JunOS operating system and JunOS Evolved is related to the improper handling of indeterminate values. Exploiting this vulnerability can allow a malicious actor to cause service failures when sending certain BGP updates...

IpMatcher 1.0.4.1 Server-Side Request Forgery

Exploit Title: SSRF in .NET C IpMatcher v1.0.4.1 and below NuGet package: CVE-2021-33318 IpMatcher v1.0.4.1 and below for .NET Core 2.0 and .NET Framework 4.5.2. incorrectly validates octal & hexadecimal input data, leading to indeterminate SSRF, LFI, RFI, and DoS vectors. Date: 22/09/2022 Exploi...

IpMatcher 1.0.4.1 Server-Side Request Forgery Vulnerability

IpMatcher versions 1.0.4.1 and below for .NET Core 2.0 and .NET Framework 4.5.2 incorrectly validates octal and hexadecimal input data which can lead to indeterminate server-side request forgery, local file inclusion, remote file inclusion, and denial of service vectors. Exploit Title: SSRF in .N...

django: Possible indeterminate SSRF, RFI, and LFI attacks since validators accepted leading zeros in IPv4 addresses

A flaw was found in django. Leading zeros in octal literals aren't prohibited in IP addresses. If you used such values you could suffer from indeterminate SSRF, RFI, and LFI attacks. The highest threat from this vulnerability is to data integrity...

Django < 2.2.24, 3.0 < 3.1.12, 3.2 < 3.2.4 Multiple Vulnerabilities - Windows

Django is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2021-33571

A flaw was found in django. Leading zeros in octal literals aren't prohibited in IP addresses. If you used such values you could suffer from indeterminate SSRF, RFI, and LFI attacks. The highest threat from this vulnerability is to data integrity. Mitigation Mitigation for this issue is either no...

Server-Side Request Forgery in private-ip

Insufficient RegEx in private-ip npm package v1.0.5 and below insufficiently filters reserved IP ranges resulting in indeterminate SSRF. An attacker can perform a large range of requests to ARIN reserved IP ranges, resulting in an indeterminable number of critical attack vectors, allowing remote...

CVE-2020-28360

CVE-2020-28360 describes an SSRF vulnerability in the npm package private-ip (versions 1.0.5 and earlier). The root cause is an insufficient RegEx filter for reserved IP ranges, allowing an attacker to craft requests to ARIN/other reserved ranges, which can lead to remote server-side resource req...