12 matches found
Directus 代码问题漏洞
Directus is an open-source real-time API and application dashboard developed by Directus. It is used to manage SQL database content. Versions of Directus prior to 11.16.0 have code vulnerabilities; these vulnerabilities stem from the IP address verification mechanism, which can be bypassed by IPv...
EUVD-2005-0316
Malware in sbrugna...
CVE-2023-37265
CasaOS is an open-source Personal Cloud system. Due to a lack of IP address verification an unauthenticated attackers can execute arbitrary commands as root on CasaOS instances. The problem was addressed by improving the detection of client IP addresses in 391dd7f. This patch is part of CasaOS...
Lack Of IP Address Verification
github.com/IceWhaleTech/CasaOS-Gateway is vulnerable to Lack Of IP Address Verification. The vulnerability exists because the gatewayroute.go incorrectly checks the source of an IP, which allows an attacker to inject and execute malicious commands as root on a CasaOS instance...
CVE-2023-37265
CasaOS is an open-source Personal Cloud system. Due to a lack of IP address verification an unauthenticated attackers can execute arbitrary commands as root on CasaOS instances. The problem was addressed by improving the detection of client IP addresses in 391dd7f. This patch is part of CasaOS...
Design/Logic Flaw
CasaOS is an open-source Personal Cloud system. Due to a lack of IP address verification an unauthenticated attackers can execute arbitrary commands as root on CasaOS instances. The problem was addressed by improving the detection of client IP addresses in 391dd7f. This patch is part of CasaOS...
CVE-2023-37265 Incorrect identification of source IP addresses in CasaOS
CasaOS is an open-source Personal Cloud system. Due to a lack of IP address verification an unauthenticated attackers can execute arbitrary commands as root on CasaOS instances. The problem was addressed by improving the detection of client IP addresses in 391dd7f. This patch is part of CasaOS...
CVE-2023-37265 Incorrect identification of source IP addresses in CasaOS
CasaOS is an open-source Personal Cloud system. Due to a lack of IP address verification an unauthenticated attackers can execute arbitrary commands as root on CasaOS instances. The problem was addressed by improving the detection of client IP addresses in 391dd7f. This patch is part of CasaOS...
Phony Googlebots Becoming a Real DDoS Attack Tool
Even an enterprise with the harshest, strictest blocking rules in place is likely to leave the door ajar for Google’s search bot software known as a Googlebot. Googlebots crawl websites collecting data along the way in order to build a searchable index that assures a site will be listed and ranke...
Magic Winmail Server 4.0 (Build 1112) download.php Traversal Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/12388/info Magic Winmail Server is reportedly affected by multiple vulnerabilities. There are two distinct directory traversal vulnerabilities in the Webmail interface allowing both arbitrary file downloads and uploads...
CVE-2007-1527
The CVE-2007-1527 issue affects the LLTD Mapper in Microsoft Windows Vista. It occurs because the LLTD Mapper does not verify that an IP address in a TLV type 0x07 field in a HELLO packet corresponds to a valid local-network address, enabling a remote attacker to trick users into communicating wi...
Mail Transport System Professional open mail relay
Mail relayed without IP address verification if smart host ISP relay is configured...