20 matches found
CVE-2026-45179
Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses. If the communication channel to the statsd daemon is not secured for example, by sending UDP packets to a host on another network, then users' IP addresses may be leaked. Since version 0.9.0, the IP address is no...
CVE-2026-45179
Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses. If the communication channel to the statsd daemon is not secured for example, by sending UDP packets to a host on another network, then users' IP addresses may be leaked. Since version 0.9.0, the IP address is no...
EUVD-2019-7289
Malware in sbrugna...
EUVD-2008-6697
Malware in sbrugna...
EUVD-2021-19522
Malware in sbrugna...
PT-2022-23141 · Unknown · Zulip Server
Name of the Vulnerable Software and Affected Versions: Zulip Server versions prior to 5.6 Description: The issue arises when displaying messages with embedded remote images. Normally, Zulip loads the image preview via a go-camo proxy server. However, an attacker who can send messages could includ...
CVE-2021-22169
GitLab EE 13.4+ is identified as leaking internal IP addresses via error messages (CVE-2021-22169). Available sources consistently describe an information-disclosure issue in GitLab Enterprise Edition that reveals internal IPs through error handling. The concrete details beyond the high-level des...
CVE-2020-35111
When an extension with the proxy permission registered to receive , the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have inadvertently leaked their IP address. This vulnerability affects Firefox...
Design/Logic Flaw
When an extension with the proxy permission registered to receive , the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have inadvertently leaked their IP address. This vulnerability affects Firefox...
Mozilla: The proxy.onRequest API did not catch view-source URLs
The Mozilla Foundation Security Advisory describes this flaw as: When an extension with the proxy permission registered to receive , the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have...
Updated firefox packages fix security vulnerabilities
When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read CVE-2020-16042. Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow in WebGL on some video drivers CVE-2020-26971. Certain inpu...
Experts Warn of Privacy Risks Caused by Link Previews in Messaging Apps
Cybersecurity researchers over the weekend disclosed new security risks associated with link previews in popular messaging apps that cause the services to leak IP addresses, expose links sent via end-to-end encrypted chats, and even unnecessarily download gigabytes of data stealthily in the...
CVE-2020-10087
GitLab before 12.8.2 has a CVE-2020-10087 information-disclosure vulnerability: badge images were not proxied, causing mixed-content warnings and leaking the user IP address. The issue affects GitLab’s self-hosted Git repository platform prior to the 12.8.2 release. Remediation is to upgrade to G...
CVE-2018-17780
CVE-2018-17780 affects Telegram Desktop (tdesktop) 1.3.14 and Telegram 3.3.0.0 WP8.1 on Windows. The root cause is an unsafe default that accepts P2P connections from outside the user’s My Contacts list, enabling leakage of both public and private IP addresses during calls. The vulnerability is d...
Fedora 22 : mediawiki (2015-122a831a05)
T94116 SECURITY: Compare API watchlist token in constant time - T97391 SECURITY: Escape error message strings in thumb.php - T106893 SECURITY: Don't leak autoblocked IP addresses on Special:DeletedContributions - T102562 Fix InstantCommons parameters to handle the new HTTPS-only policy of...
CVE-2006-6893
Tor allows remote attackers to discover the IP address of a hidden service by accessing this service at a high rate, thereby changing the server's CPU temperature and consequently changing the pattern of time values visible through 1 ICMP timestamps, 2 TCP sequence numbers, and 3 TCP timestamps, ...
CVE-2006-4352
CVE-2006-4352 affects Cisco 11000 series Content Service Switches where the ArrowPoint cookie functionality can reveal an internal IP address if a string option is not specified. The underlying issue is exposure of internal networking information, enabling remote attackers to obtain sensitive inf...
Private IP address leaked in HTTP headers
This web server leaks a private IP address through its HTTP headers. SPDX-FileCopyrightText: 2001 Alert4Web.com, 2003 Westpoint Ltd Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
SafeTP 1.46 - Passive Mode Internal IP Address Revealing
SafeTP 1.46 - Passive Mode Internal IP Address Revealing source: https://www.securityfocus.com/bid/5822/info SafeTP is a freely available, open source secure ftp client-server software package. It is available for Unix, Linux, and Microsoft Operating Systems. It has been reported that under some...
DST2K0032: Multiple Issues with Talentsoft WebPlus Application Server
============================================================================ Delphis Consulting Plc ============================================================================ Security Team Advisories 19/09/2000 [email protected] http://www.delphisplc.com/thinking/whitepapers/...