7 matches found
Astra Linux – Vulnerability in Firefox and Thunderbird
Additional techniques that built upon the slipstream research, combined with a malicious web page, could have exposed both hosts within an internal network as well as services running on the user’s local machine. This vulnerability affects Firefox versions earlier than 85...
PT-2026-6303
Name of the Vulnerable Software and Affected Versions Group-Office versions prior to 6.8.150 Group-Office versions prior to 25.0.82 Group-Office versions prior to 26.0.5 Description An authenticated user with System Administrator privileges can trigger a server-side request forgery SSRF through t...
python-kdcproxy: Unauthenticated SSRF via Realm‑Controlled DNS SRV
If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by default, it will query SRV records in the DNS zone matching the requested realm name. This creates a server-side request forgery vulnerability, since an attacker could send a request f...
EUVD-2020-21818
Malware in sbrugna...
SUSE CVE-2021-23961
Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 85...
DEBIAN-CVE-2020-26978
Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR 78.6...
UBUNTU-CVE-2020-26978
Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR 78.6...