CVE-2023-37555

In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition...

CVE-2024-51408

AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests to 169.254.169.254 to retrieve AWS metadata credentials...

Medium: ecs-service-connect-agent

Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's defaul...

CVE-2024-42364 homepage DNS rebinding vulnerability (GHSL-2024-096)

Homepage is a highly customizable homepage with Docker and service API integrations. The default setup of homepage 0.9.1 is vulnerable to DNS rebinding. Homepage is setup without certificate and authentication by default, leaving it to vulnerable to DNS rebinding. In this attack, an attacker will...

Discourse Security Breach

Discourse is an open source community discussion platform from Discourse Open Source. The platform includes community, email and chat room features. A security vulnerability exists in Discourse that stems from the presence of a server-side request forgery vulnerability that allows an attacker to...

NocoDB 代码问题漏洞

NocoDB is an open source Airtable replacement. Convert any MySql, PostgreSql, Sql Server, Sqlite and MariaDb into a smart spreadsheet. NocoDB is vulnerable to a code issue. An attacker could exploit the vulnerability to access an internal address in order to make a request as a server and read it...

PT-2022-12428 · Terramaster · Terramaster F2-210 +2

Name of the Vulnerable Software and Affected Versions: Terramaster F4-210, F2-210 TOS version 4.2.X 4.2.15-2107141517 Description: The issue allows an attacker to obtain sensitive information, including the first administrator's hash, MAC address, and internal IP address, by sending a request to...

openstack-tripleo-heat-templates: data leak of internal URL through keystone_authtoken

An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the wwwauthenticateuri parameter which is visible to all end users in configuration files. This would give sensitive...

CVE-2021-22255

SSRF in URL file upload in Baserow 1.1.0 allows remote authenticated users to retrieve files from the internal server network exposed over HTTP by inserting an internal address...

GitLab 信息泄露漏洞

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An information disclosure vulnerability exists in GitLab...

PT-2021-18682 · Hashicorp · Hashicorp Vault +1

Name of the Vulnerable Software and Affected Versions: HashiCorp Vault and Vault Enterprise versions prior to 1.5.7 HashiCorp Vault and Vault Enterprise versions prior to 1.6.2 Description: The issue allows the disclosure of the internal IP address of the Vault node when responding to some invali...

CVE-2019-20006

An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmlcharcontent puts a pointer to the internal address of a larger block as xml-txt. This is later deallocated using free, leading to a segmentation fault...

Open-Xchange: SSRF - Office Documents - Image URL

Through /api/oxodocumentfilter?action=addfile endpoint it is possible to insert images into documents. Handling of this request in source code is implemented here: office/com.openexchange.office.rest/src/com/openexchange/office/rest/AddFileAction.java One of options is to insert an image by...

CVE-2019-8097

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an internal ip disclosure vulnerability. Successful exploitation could lead to...

Adobe Acrobat and Reader Information Disclosure Vulnerability (CNVD-2019-32214)

Adobe Acrobat and Reader are the United States Odo than Adobe company's products. Adobe Acrobat is a set of PDF file editing and conversion tools. Reader is a set of PDF document reading software. Adobe Acrobat and Acrobat Reader security vulnerabilities exist. Attackers can use this vulnerabilit...

CVE-2019-5513

VMware Horizon Connection Server 7.x before 7.8, 7.5.x before 7.5.2, 6.x before 6.2.8 contains an information disclosure vulnerability. Successful exploitation of this issue may allow disclosure of internal domain names, the Connection Server’s internal name, or the gateway’s internal IP address...

EAP7: Internal IP address disclosed on redirect when request header Host field is not set

It was found that when issuing a GET request which results in a 302 redirect, and when the request header 'Host' field was not set, the response header field 'Location' contains the internal IP address of the server. An attacker could use this disclose information which they are not authorized to...

EAP7: Internal IP address disclosed on redirect when request header Host field is not set

It was found that when issuing a GET request which results in a 302 redirect, and when the request header 'Host' field was not set, the response header field 'Location' contains the internal IP address of the server. An attacker could use this disclose information which they are not authorized to...

CVE-2016-3711

HAproxy in Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allows local users to obtain the internal IP address of a pod by reading the "OPENSHIFTnamespaceSERVERID" cookie...

haproxy: Setting cookie containing internal IP address of a pod

An information disclosure flaw was discovered in haproxy as used by OpenShift Enterprise; a cookie with the name "OPENSHIFTnamespaceSERVERID" was set, which contained the internal IP address of a pod...