37 matches found
CVE-2026-1516
GitLab has remediated an issue in GitLab EE affecting all versions from 18.0.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that in Code Quality reports could have allowed an authenticated user to leak IP addresses of users viewing the report via specially crafted content...
CVE-2026-45179
CVE-2026-45179 affects Plack::Middleware::Statsd for Perl, with versions before 0.9.0 potentially leaking user IP addresses if the statsd channel is not secured (e.g., UDP to a different network). Since 0.9.0, IPs are no longer logged unless configured; when configured, an HMAC signature of the I...
UBUNTU-CVE-2026-1516
GitLab has remediated an issue in GitLab EE affecting all versions from 18.0.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that in Code Quality reports could have allowed an authenticated user to leak IP addresses of users viewing the report via specially crafted content...
CVE-2025-67476
CVE-2025-67476 affects Wikimedia Foundation MediaWiki, with the flaw located in includes/Import/ImportableOldRevisionImporter.Php. Affects MediaWiki versions before 1.44.3 and before 1.45.1. The Red Hat advisory describes a remote-facing issue where a low-privilege attacker could disclose sensiti...
CVE-2019-16752
An issue was discovered in Decentralized Anonymous Payment System DAPS through 2019-08-26. It is possible to force wallets to send HTTP requests to arbitrary locations, both on the local network and on the internet. This is a serious threat to user privacy, since it can possibly leak their IP...
EUVD-2025-37937
Weblate is a web based localization tool. In versions 5.14 and below, Weblate leaks the IP address of the project member inviting the user to the project in the audit log. The audit log includes IP addresses from admin-triggered actions, which can be viewed by invited users. This issue is fixed i...
EUVD-2004-0948
Malware in sbrugna...
EUVD-2014-8407
Malware in sbrugna...
EUVD-2000-0180
Malware in sbrugna...
EUVD-2020-22807
Malware in sbrugna...
EUVD-2025-18399
Malicious code in bioql PyPI...
EUVD-2022-38819
Malicious code in bioql PyPI...
CVE-2025-49134
Weblate is a web based localization tool. Prior to version 5.12, the audit log notifications included the full IP address of the acting user. This could be obtained by third-party servers such as SMTP relays, or spam filters. This issue has been patched in version 5.12...
CVE-2020-10087
GitLab before 12.8.2 allows Information Disclosure. Badge images were not being proxied, causing mixed content warnings as well as leaking the IP address of the user...
CVE-2002-1943
SafeTP 1.46, when network address translation NAT is being used, leaks the internal IP address of the FTP server in a response to a passive mode PASV file transfer request...
CVE-2024-44246
The issue was addressed with improved routing of Safari-originated requests. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2. On a device with Private Relay enabled, adding a website to the Safari Reading List may reveal the originating IP address t...
CVE-2023-4800 DoLogin Security < 3.7.1 - Subscriber+ IP Address leak
The DoLogin Security WordPress plugin before 3.7.1 does not restrict the access of a widget that shows the IPs of failed logins to low privileged users...
CVE-2022-36048 IP address leak via image proxy bypass in Zulip Server
Zulip is an open-source team collaboration tool with topic-based threading that combines email and chat. When displaying messages with embedded remote images, Zulip normally loads the image preview via a go-camo proxy server. However, an attacker who can send messages could include a crafted URL...
Researchers Disclose Unpatched Vulnerabilities in Microsoft Teams Software
Microsoft said it won't be fixing or is pushing patches to a later date for three of the four security flaws uncovered in its Teams business communication platform earlier this March. The disclosure comes from Berlin-based cybersecurity firm Positive Security, which found that the implementation ...
CVE-2020-35111
When an extension with the proxy permission registered to receive , the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have inadvertently leaked their IP address. This vulnerability affects Firefox...