2 matches found
nodejs: DNS rebinding in --inspect via invalid IP addresses
A vulnerability was found in NodeJS, where the IsAllowedHost check can be easily bypassed because IsIPAddress does not properly check if an IP address is invalid or not. When an invalid IPv4 address is provided for instance, 10.0.2.555 is provided, browsers such as Firefox will make DNS requests ...
WebGate eDVR Manager WESPMonitor.WESPMonitorCtrl.1 ActiveX Control Memory Misreference Vulnerability
WebGate eDVR Manager is an eDVR software manager from WebGate Korea. A memory misreference vulnerability exists in the 'Connect' function in the WESPMonitor.WESPMonitorCtrl.1 ActiveX control of WebGate eDVR Manager. A remote attacker could exploit this vulnerability to execute arbitrary code via ...