EUVD-2015-9085

Malware in sbrugna...

CVE-2025-27600

CVE-2025-27600 affects FastGPT prior to version 4.9.0. Root cause: the web crawling plug-in does not verify intranet IPs, enabling an SSRF-like request to access private intranet data. Impact per documents: potential exposure of intranet data; no exploit details provided beyond this. Mitigation: ...

FastGPT 代码问题漏洞

FastGPT is labring open source a large language model based on the open source knowledge base question and answer system. A code issue vulnerability exists in FastGPT versions prior to 4.9.0, which stems from the web crawler plugin not performing intranet IP validation, which could lead to the...

LibreY Code Issue Vulnerability

LibreY is a fork of LibreX, a frameless and JavaScript-free privacy-respecting metasearch engine by hnhx. A code issue vulnerability exists in LibreY. A remote attacker could use this vulnerability to send an HTTP GET request to an arbitrary target using the server as a proxy and retrieve intrane...

GHSA-HVV8-336G-RX3M A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host

Impact The processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new instances based on these type information. An attacker can manipulate the processed input stream and replace or inject objects, that result in a...

Zammad 代码问题漏洞

Zammad is a Web-based open source helpdesk/customer support system. An information disclosure vulnerability exists in Zammad versions prior to 3.4.1. The vulnerability stems from the way Massenversand's implementation of the SMS configuration interface presents the results of test requests to the...

Docutek Solutions Good for Enterprise for Android Privilege Gain Vulnerability

Docutek Solutions Good for Enterprise for Android is a mobile coworking application from Docutek Solutions for the Android platform. The program supports features such as email, calendar and contacts. A security vulnerability exists in version 3.0.0.415 of the Docutek Solutions Good for Enterpris...

CVE-2015-9232

The Good for Enterprise application 3.0.0.415 for Android does not use signature protection for its Authentication Delegation API intent. Also, the Good Dynamic application activation process does not attempt to detect malicious activation attempts involving modified names beginning with a...

CVE-2015-9232

The Good for Enterprise application 3.0.0.415 for Android does not use signature protection for its Authentication Delegation API intent. Also, the Good Dynamic application activation process does not attempt to detect malicious activation attempts involving modified names beginning with a...