CVE-2020-26110
cPanel before 88.0.13 allows self XSS via DNS Zone Manager DNSSEC interfaces (SEC-564)...
CVE-2020-14126
Information leakage vulnerability exists in the Mi Sound APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information...
CVE-2020-14114
Information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information...
CVE-2020-14130
Some JS interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called on the Xiaomi community app. Affected version: 3.0.210809...
CVE-2020-5881
On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when the BIG-IP Virtual Edition (VE) is configured with VLAN groups and there are devices configured with OSPF connected to it, the Network Device Abstraction Layer (NDAL) Interfaces can lock up and in turn disrupting the communicatio...
CVE-2017-18472
cPanel before 62.0.4 allows reflected XSS in reset-password interfaces (SEC-198)...
The vulnerability of the AES-128-CCM encryption algorithm in the operating system PAN-OS of network interfaces from Palo Alto Networks, including models PA-7500, PA 5400, PA 5400f, PA 3400, PA 1400, and PA 400, allows attackers to disclose confidential information.
The vulnerability of the AES-128-CCM encryption algorithm in the networking interfaces of the PAN-OS operating system of Palo Alto Networks’ devices such as PA-7500, PA 5400, PA 5400f, PA 3400, PA 1400, and PA 400 relates to the transmission of confidential information in plaintext. Exploiting th...
Introducing Linode Interfaces: Better Network Management (Open Beta)
Join the beta for Linode Interfaces, a new network management tool offering clearer configurations, better security, and smarter routing...
Moderate: iptraf-ng security update
IPTraf-ng is a console-based network monitoring utility which includes an IP traffic monitor, a TCP and UDP service monitor, and a LAN statistics module. It supports Ethernet, FDDI, ISDN, SLIP, PPP, and loopback interfaces as well as the built-in raw socket interface of the Linux kernel. Security...
SUSE CVE-2022-49844
In the Linux kernel, the following vulnerability has been resolved: can: dev: fix skb drop check. In commit a6d190f8c767 ("can: skb: drop tx skb if in listen only mode") the priv->ctrlmode element is read even on virtual CAN interfaces that do not create the struct can_priv at startup. This...
VulnCheck KEV: CVE-2024-57049
A vulnerability in the TP-Link Archer c20 router with firmware version V6.6230412 and earlier permits unauthorized individuals to bypass the authentication of some interfaces under the /cgi directory. When adding Referer: http://tplinkwifi.net to the request, it will be recognized as passing...
The software of the centralized backup and disaster recovery system of Dell PowerProtect Data Manager is vulnerable due to errors in the use of privileged application programming interfaces (APIs). This vulnerability allows a malicious individual to escalate their privileges.
The vulnerability of the software for centralized backup and disaster recovery management in Dell PowerProtect Data Manager is related to errors when privileged application programming interfaces are used. Exploiting this vulnerability can allow an attacker to gain increased privileges...
SAMSUNG SMR security vulnerability
SAMSUNG SMR is a system patch package from the South Korean company Samsung (SAMSUNG). It provides patches for Samsung mobile applications. SAMSUNG SMR suffers from a security vulnerability that stems from mishandling of insufficient privileges, which could lead to the use of privileged APIs by a...
Bind Network Interfaces to the Correct Zones
Different filtering policies can be configured for different firewall zones. If the server network is complex and has multiple interfaces that provide different service functions, it is recommended that interfaces be configured in different zones and different firewall policies be configured. For...
Avoid Enabling Unnecessary Services and Ports
In the zones, you need to specify the interfaces, ports, and services that need to be enabled or disabled. Correct configuration prevents illegitimate packets from being received and processed, reduces the number of exposed ports on the server, and reduces the attack surface. If the configuration...
Configure the nftables Policies for Loopback Properly
The loopback address 127.0.0.0/8 is a special address on a server. It is irrelevant to NICs and is mainly used for the inter-process communication of a local device. Packets with the source address 127.0.0.0/8 from NICs should be discarded. If policies related to the loopback address are improper...
Configure a Proper Default Zone
The firewalld service allows several independent rule zones to be created on a firewall based on the zone concept. Different interfaces or source addresses can be bound to different zones to implement different control logic. A zone can be configured with many different network interfaces or sour...
Configuring the SSH Service Port Properly
A server typically has multiple NICs and IP addresses. You need to plan IP addresses to determine which ones are used for services or management. Not all IP addresses need to listen on SSH connections. You can specify only some IP addresses to perform SSH connections to reduce the attack surface...
CVE-2025-24347
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the network configuration file via a crafted HTTP request...
CVE-2025-24349
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to delete the configuration of physical network interfaces via a crafted HTTP request...