15 matches found
EUVD-2017-15223
Malware in sbrugna...
EUVD-2011-0403
Malware in sbrugna...
EUVD-2023-31824
Malicious code in bioql PyPI...
EUVD-2022-53416
Malicious code in bioql PyPI...
CVE-2023-28099
OpenSIPS is a Session Initiation Protocol SIP server implementation. Prior to versions 3.1.9 and 3.2.6, if dsisinlist is used with an invalid IP address string NULL is illegal input, OpenSIPS will attempt to print a string from a random address stack garbage, which could lead to a crash. All user...
CVE-2023-28099 OpenSIPS has vulnerability in the ds_is_in_list() function
OpenSIPS is a Session Initiation Protocol SIP server implementation. Prior to versions 3.1.9 and 3.2.6, if dsisinlist is used with an invalid IP address string NULL is illegal input, OpenSIPS will attempt to print a string from a random address stack garbage, which could lead to a crash. All user...
nodejs: DNS rebinding in --inspect via invalid IP addresses
A vulnerability was found in NodeJS, where the IsAllowedHost check can be easily bypassed because IsIPAddress does not properly check if an IP address is invalid or not. When an invalid IPv4 address is provided for instance, 10.0.2.555 is provided, browsers such as Firefox will make DNS requests ...
nodejs: DNS rebinding in --inspect via invalid IP addresses
A vulnerability was found in NodeJS, where the IsAllowedHost check can be easily bypassed because IsIPAddress does not properly check if an IP address is invalid or not. When an invalid IPv4 address is provided for instance, 10.0.2.555 is provided, browsers such as Firefox will make DNS requests ...
nodejs: DNS rebinding in --inspect via invalid IP addresses
A vulnerability was found in NodeJS, where the IsAllowedHost check can be easily bypassed because IsIPAddress does not properly check if an IP address is invalid or not. When an invalid IPv4 address is provided for instance, 10.0.2.555 is provided, browsers such as Firefox will make DNS requests ...
Unable to use TLS/SSL LDAP Auth after ADM upgrade to latest build 13.0-71.40 - TLS Handshake fails with "Unknown CA"
After upgrading ADM to latest build 13.0-71.40 External Authentication fails when LDAP Server is configured using Security type SSL and TLS. When retrieving Attributes on LDAP Server config from ADM GUI throw this error :: "LDAP IP Address or Port Number provided is invalid." Network trace shows...
CVE-2015-2096
Use-after-free vulnerability in the Connect function in the WESPMonitor.WESPMonitorCtrl.1 ActiveX control in WebGate eDVR Manager allows remote attackers to execute arbitrary code via an invalid IP address and a page reload...
Design/Logic Flaw
Use-after-free vulnerability in the Connect function in the WESPMonitor.WESPMonitorCtrl.1 ActiveX control in WebGate eDVR Manager allows remote attackers to execute arbitrary code via an invalid IP address and a page reload...
CVE-2015-2096
Use-after-free vulnerability in the Connect function in the WESPMonitor.WESPMonitorCtrl.1 ActiveX control in WebGate eDVR Manager allows remote attackers to execute arbitrary code via an invalid IP address and a page reload...
CVE-2012-6054
The dissectsflow245addresstype function in epan/dissectors/packet-sflow.c in the sFlow dissector in Wireshark 1.8.x before 1.8.4 does not properly handle length calculations for an invalid IP address type, which allows remote attackers to cause a denial of service infinite loop via a packet that ...
CVE-2007-1561
The channel driver in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service crash via a SIP INVITE message with an SDP containing one valid and one invalid IP address...