CVE-2026-33357

CVE-2026-33357 affects Meari client applications that embed com.meari.sdk, including CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and related white-label

CVE-2026-45182

GrapheneOS before 2026050400 allows attackers to discover the real IP address of a VPN user as a consequence of a registerQuicConnectionClosePayload optimization, because an application can let systemserver transmit UDP traffic on its behalf. This occurs when the "Block connections without VPN" a...

CVE-2025-55276

HCL Aftermarket DPC is affected by Internal IP Disclosure vulnerability will give attackers a clearer map of the organization’s network layout...

CVE-2025-55276 HCL Aftermarket DPC is affected by Internal IP Disclosure vulnerability

HCL Aftermarket DPC is affected by Internal IP Disclosure vulnerability will give attackers a clearer map of the organization’s network layout...

EUVD-2018-5309

Malware in sbrugna...

EUVD-2019-17552

Malware in sbrugna...

EUVD-2018-18355

Malware in sbrugna...

EUVD-2022-41723

Malicious code in bioql PyPI...

EUVD-2025-28984

Malicious code in bioql PyPI...

EUVD-2022-7407

Malicious code in bioql PyPI...

CVE-2025-59055

InstantCMS is a free and open source content management system. A blind Server-Side Request Forgery SSRF vulnerability in InstantCMS up to and including 2.17.3 allows authenticated remote attackers to make nay HTTP/HTTPS request via the package parameter. It is possible to make any HTTP/HTTPS...

CVE-2025-59055

CVE-2025-59055 concerns InstantCMS up to version 2.17.3, where a blind SSRF vulnerability exists in the installer’s package parameter. The underlying issue allows an authenticated attacker to make arbitrary HTTP/HTTPS requests, enabling actions such as scanning internal networks, invoking local s...

CVE-2022-43689

Concrete CMS formerly concrete5 below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to XXE based DNS requests leading to IP disclosure...

CVE-2019-8097

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an internal ip disclosure vulnerability. Successful exploitation could lead to...

CVE-2019-19910

The MinervaNeue Skin in MediaWiki from 2019-11-05 to 2019-12-13 1.35 and/or 1.34 mishandles certain HTML attributes, as demonstrated by IMG onmouseover= impact is XSS and IMG src=http impact is disclosing the client's IP address. This can occur within a talk page topical header that is viewed...

CVE-2022-39178

Webvendome - webvendome Internal Server IP Disclosure. Send GET Request to the request which is shown in the picture. Internal Server IP and Full path disclosure...

CVE-2024-51992 Method Exposure Vulnerability in Modals in orchid/platform

Orchid is a @laravel package that allows for rapid application development of back-office applications, admin/user panels, and dashboards. This vulnerability is a method exposure issue CWE-749: Exposed Dangerous Method or Function in the Orchid Platform’s asynchronous modal functionality, affecti...

PT-2024-7861 · Unknown · Orchid Platform

Name of the Vulnerable Software and Affected Versions: Orchid Platform versions 8 through 14.42.x Description: The issue is a method exposure problem in the Orchid Platform’s asynchronous modal functionality, allowing attackers to call arbitrary methods within the Screen class. This could lead to...

Outlook Web App (OWA) / Client Access Server (CAS) IIS HTTP Internal IP Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Outlook Web App OWA / Client Access Server CAS IIS HTTP Internal IP Disclosure', 'Description' = %q This module tests vulnerable IIS HTTP header...

WordPress plugin RSFirewall 1.1.25 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...