
16 matches found

RedhatCVE
added 2026/03/27 10:51 p.m. | 1 views

CVE-2026-33644

Lychee is a free, open-source photo-management tool. Prior to version 7.5.2, the SSRF protection in PhotoUrlRule.php can be bypassed using DNS rebinding. The IP validation check line 86-89 only activates when the hostname is an IP address. When a domain name is used, filter_var($host,...

CVSS 4.3 | AI score 5.8 | EPSS 0.0004
Exploits 1 | References 1
OSV
added 2026/03/26 8:4 p.m. | 2 views

CVE-2026-33644 Lychee has SSRF bypass via DNS rebinding — PhotoUrlRule only validates IP addresses, not hostnames resolving to internal IPs

Lychee is a free, open-source photo-management tool. Prior to version 7.5.2, the SSRF protection in PhotoUrlRule.php can be bypassed using DNS rebinding. The IP validation check line 86-89 only activates when the hostname is an IP address. When a domain name is used, filter_var($host,...

CVSS 2.3 | AI score 5.9 | EPSS 0.0004
Exploits 1 | References 4
Vulnrichment
added 2026/03/16 4:32 p.m. | 0 views

CVE-2026-4252 Tenda AC8 IPv6 check_is_ipv6 ip address for authentication

A vulnerability was identified in Tenda AC8 16.03.50.11. Affected by this issue is the function check_is_ipv6 of the component IPv6 Handler. The manipulation leads to reliance on ip address for authentication. It is possible to initiate the attack remotely. The exploit is publicly available and mig...

CVSS 10 | AI score 5.5 | EPSS 0.00387
Exploits 1 | References 5
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2007-6396

Malware in sbrugna...

CVSS 4.3 | AI score 6.1 | EPSS 0.00659
Exploits 0 | References 18
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2003-0764

Malware in sbrugna...

CVSS 7.5 | AI score 6.1 | EPSS 0.01269
Exploits 0 | References 12
Malwarebytes
added 2024/03/22 7:23 p.m. | 28 views

New Go loader pushes Rhadamanthys stealer

Malware loaders also known as droppers or downloaders are a popular commodity in the criminal underground. Their primary function is to successfully compromise a machine and deploy one or multiple additional payloads. A good loader avoids detection and identifies victims as legitimate i.e. not...

AI score 7.1
Exploits 0
OSV
added 2023/11/29 7:15 p.m. | 2 views

CLSA-2023-1701285323 exim: Fix of CVE-2023-42117

CVE-2023-42117: fix string_is_ip_address...

CVSS 9.8 | AI score 7.4 | EPSS 0.0735
Exploits 0 | References 1
OSV
added 2023/11/16 6:46 p.m. | 1 views

CLSA-2023-1700160152 Fix CVE(s): CVE-2023-42117

SECURITY UPDATE: Remote code execution because of improper neutralization of special elements - debian/patches/CVE-2023-42117.patch: fix string_is_ip_address - CVE-2023-42117...

CVSS 9.8 | AI score 7.8 | EPSS 0.0735
Exploits 0 | References 1
OSV
added 2023/06/22 9:15 p.m. | 0 views

UBUNTU-CVE-2023-35133

An issue in the logic used to check 0.0.0.0 against the cURL blocked hosts lists resulted in an SSRF risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions...

CVSS 7.5 | AI score 6 | EPSS 0.00391
Exploits 1 | References 3
SUSE CVE
added 2023/02/15 6:9 a.m. | 1 views

SUSE CVE-2007-6430

Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and Business Edition B.x.x before B.2.3.6 and C.x.x before C.1.0-beta8, when using database-based registrations "realtime" and host-based authentication, does not check the IP address when the username is correct and there is no...

CVSS 4.3 | AI score 7.2 | EPSS 0.00659
Exploits 0 | References 4
ThreatPost
added 2015/11/25 7:0 a.m. | 10 views

Nuclear Exploit Kit Spreading Cryptowall 4.0 Ransomware

In short order, the newest version of Cryptowall has begun showing up in exploit kits. The SANS Internet Storm Center said on Tuesday that an attacker working off domains belonging to Chinese registrar BizCN has been moving the ransomware via the Nuclear Exploit Kit. SANS ISC handler and Rackspac...

AI score 0.4
Exploits 0 | References 2
OSV
added 2013/12/07 8:55 p.m. | 1 views

DEBIAN-CVE-2013-6410

nbd-server in Network Block Device nbd before 3.5 does not properly check IP addresses, which might allow remote attackers to bypass intended access restrictions via an IP address that has a partial match in the authfile configuration file...

CVSS 7.5 | AI score 6.6 | EPSS 0.0032
Exploits 0 | References 1
securityvulns
added 2008/10/12 12:0 a.m. | 55 views

Apache Tomcat information leak

Race conditions allow to bypass IP address check...

CVSS 4.3 | AI score 2.2 | EPSS 0.043
Exploits 2 | References 1 | Affected Software 1
securityvulns
added 2005/12/29 12:0 a.m. | 27 views

AMSN instant messenger data spoofing

Port with predictable number is open for file retrieval without check for peer IP address...

AI score 1.8
Exploits 0 | References 1 | Affected Software 1
NVD
added 2003/09/22 4:0 a.m. | 13 views

CVE-2003-0773

saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf...

CVSS 7.5 | AI score 6.4 | EPSS 0.01269
Exploits 0 | References 8
Cvelist
added 2003/09/12 4:0 a.m. | 17 views

CVE-2003-0773

saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf...

AI score 6.3 | EPSS 0.01269
Exploits 0 | References 8