
36 matches found

EUVD
added 2026/06/05 11:31 a.m., 9 views

EUVD-2026-34825

A Server-Side Request Forgery (SSRF) vulnerability in the custom process creation feature of linqi allows an authenticated attacker to probe internal network components. By crafting a specific process containing an HTTP Request component, an attacker can force the server to send arbitrary HTTP...

CVSS: 5.3, AI score: 5.6, EPSS: 0.00043
Exploits: 0, References: 1

ATTACKERKB
added 2026/06/05 11:31 a.m., 9 views

CVE-2026-11346

A Server-Side Request Forgery (SSRF) vulnerability in the custom process creation feature of linqi allows an authenticated attacker to probe internal network components. By crafting a specific process containing an HTTP Request component, an attacker can force the server to send arbitrary HTTP...

CVSS: 5.3, AI score: 5.6, EPSS: 0.00043
Exploits: 0, References: 2

Snyk
added 2026/05/07 2:9 a.m., 4 views

Information Exposure

Overview: Affected versions of this package are vulnerable to Information Exposure via improper validation of the supi path parameter in multiple GET handlers. An attacker can obtain internal infrastructure details, including hostnames, ports, and API paths, by injecting control characters into th...

CVSS: 8.7, AI score: 5.8, EPSS: 0.00161
Exploits: 1, References: 2

CNNVD
added 2026/02/04 12:0 a.m., 3 views

Group Office Code Issue Vulnerability

Group Office is a modular office suite developed by the Dutch company Group Office. Versions of Group Office prior to 6.8.150, 25.0.82, and 26.0.5 contained code vulnerabilities. These vulnerabilities stemmed from server-side request forgery in the WOPI service discovery URL, which could lead to...

CVSS: 8.2, AI score: 5.9, EPSS: 0.00021
Exploits: 1, References: 2

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2025-5345

Malicious code in bioql PyPI...

CVSS: 6.8, AI score: 6.6, EPSS: 0.00119
Exploits: 0, References: 3

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2025-21830

Malicious code in bioql PyPI...

CVSS: 8.6, AI score: 6.6, EPSS: 0.00154
Exploits: 0, References: 1

RedhatCVE
added 2025/07/19 10:11 p.m., 11 views

CVE-2025-7398

Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on internal ports 9000 and 8036...

CVSS: 8.6, AI score: 7.3, EPSS: 0.00154
Exploits: 0, References: 1

OSV
added 2025/07/17 10:15 p.m., 1 view

CVE-2025-7398

Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on internal ports 9000 and 8036...

CVSS: 9.1, AI score: 5.8, EPSS: 0.00154
Exploits: 0, References: 1

NVD
added 2025/07/17 10:15 p.m., 4 views

CVE-2025-7398

Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on internal ports 9000 and 8036...

CVSS: 9.1, EPSS: 0.00154
Exploits: 0, References: 1

CNNVD
added 2025/07/17 12:0 a.m., 2 views

Brocade ASCG Security Vulnerability

Brocade ASCG is a networking feature from Brocade USA that is primarily used to simplify SAN architecture and optimize resource utilization. A security vulnerability exists in Brocade ASCG versions prior to 3.3.0 that stems from the use of medium-strength encryption algorithms on internal ports...

CVSS: 9.1, AI score: 6.6, EPSS: 0.00154
Exploits: 0, References: 1

Positive Technologies
added 2025/07/17 12:0 a.m., 2 views

PT-2025-29977

Name of the Vulnerable Software and Affected Versions: Brocade ASCG versions prior to 3.3.0. Description: Brocade ASCG versions prior to 3.3.0 allow the use of medium strength cryptography algorithms on internal ports 9000 and 8036. Recommendations: Update Brocade ASCG to version 3.3.0 or later...

CVSS: 9.1, AI score: 5.9, EPSS: 0.00154
Exploits: 0, References: 8

Broadcom
added 2025/07/15 12:0 a.m., 14 views

Medium Strength Cipher Suites detected on port on ports 9000 and 8036

Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on ports 9000 and 8036. Those ports are internal ports...

CVSS: 9.1, AI score: 7, EPSS: 0.00154
Exploits: 0

CNNVD
added 2025/06/12 12:0 a.m., 2 views

SICK Field Analytics and SICK Media Server Code Issue Vulnerability

SICK Field Analytics and SICK Media Server are both products of SICK Germany. SICK Field Analytics is a software for evaluating manufacturing data. SICK Media Server is a media server. A code issue vulnerability exists in SICK Field Analytics and SICK Media Server that stems from vulnerability to...

CVSS: 5.8, AI score: 7, EPSS: 0.00253
Exploits: 0, References: 8

GithubExploit
added 2025/06/03 1:17 p.m., 478 views

Exploit for Server-Side Request Forgery in Rbaskets Request_Baskets

CVE-2023-27163 PoC Exploit Code: This Python script is a Proof...

CVSS: 6.5, AI score: 6.6, EPSS: 0.9332
Exploits: 29

OSV
added 2023/12/07 9:15 p.m., 1 view

CVE-2023-6578

A vulnerability classified as critical has been found in Software AG WebMethods 10.11.x/10.15.x. Affected is an unknown function of the file wm.server/connect/. The manipulation leads to improper access controls. It is possible to launch the attack remotely. To access a file like /assets/ a popup...

CVSS: 6.5, AI score: 5.4
Exploits: 0, References: 2

Hacker One
added 2023/02/15 4:7 p.m., 12 views

8x8 Bounty: connect.8x8.com: Blind SSRF via /api/v2/chats/image-check allows for Internal Ports scan

A Blind SSRF vulnerability was discovered in the 8x8 Connect application's ChatApps module, which allowed for internal port scans via the /api/v2/chats/image-check API path and the url JSON parameter. The vulnerability was resolved by retiring the entire API path...

AI score: 7.1
Exploits: 0

NVD
added 2022/08/15 8:15 p.m., 11 views

CVE-2020-21641

Out-of-Band XML External Entity (OOB-XXE) vulnerability in Zoho ManageEngine Analytics Plus before 4.3.5 allows remote attackers to read arbitrary files, enumerate folders and scan internal ports via crafted XML license file...

CVSS: 7.5, EPSS: 0.04582
Exploits: 0, References: 1

Prion
added 2022/08/15 8:15 p.m., 31 views

Xxe

Out-of-Band XML External Entity (OOB-XXE) vulnerability in Zoho ManageEngine Analytics Plus before 4.3.5 allows remote attackers to read arbitrary files, enumerate folders and scan internal ports via crafted XML license file...

CVSS: 5, AI score: 7.5, EPSS: 0.04582
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2022/08/15 7:10 p.m., 14 views

CVE-2020-21641

Out-of-Band XML External Entity (OOB-XXE) vulnerability in Zoho ManageEngine Analytics Plus before 4.3.5 allows remote attackers to read arbitrary files, enumerate folders and scan internal ports via crafted XML license file...

AI score: 7.5, EPSS: 0.04582
Exploits: 0, References: 1

CVE
added 2022/08/15 7:10 p.m., 65 views

CVE-2020-21641

Summary: CVE-2020-21641 affects Zoho ManageEngine Analytics Plus prior to 4.3.5. The issue is an Out-of-Band XML External Entity (OOB-XXE) in the handling of a crafted XML license file used by the product. What is affected: ManageEngine Analytics Plus (versions before 4.3.5). The vulnerability so...

CVSS: 7.5, AI score: 7.4, EPSS: 0.04582
Exploits: 0, References: 1, Affected Software: 1