202 matches found
PT-2026-45842
FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simple packet parser ng.cpp, after validating that the packet contains at least sizeofipv4 header t bytes 20 bytes, the code advances the local pointer by '4 ipv4 header-get ihl' line 164...
CVE-2026-48682
FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simplepacketparserng.cpp, after validating that the packet contains at least sizeofipv4headert bytes 20 bytes, the code advances the localpointer by '4 ipv4header-getihl' line 164 without...
CVE-2026-45850
CVE-2026-45850 relates to the Linux kernel’s IPVS handling of IPv6: protocol checksum validation can fail when IPv6 extension headers precede the protocol header. The fix uses iph->len as the offset rather than the previous value, addressing the miscalc that allowed incorrect checksums. Affect...
CVE-2026-43634
CVE-2026-43634 affects HestiaCP versions 1.2.0–1.9.4. The vulnerability is an IP spoofing flaw: unauthenticated attackers can send arbitrary IPs via the CF-Connecting-IP header, bypassing authentication controls and Cloudflare network verification. This can defeat fail2ban brute-force protections...
Astra Linux - уязвимость в mod-wsgi
A vulnerability was discovered in modwsgi. The X-Client-IP header is not removed from a request sent from a trusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application. The condition necessary to remove the X-Client-IP header is missing...
EUVD-2026-26635
In the Linux kernel, the following vulnerability has been resolved: net: use skbheaderpointer for TCPv4 GSO fragoff check Syzbot reported a KMSAN uninit-value warning in gsofeaturescheck called from netifskbfeatures 1. gsofeaturescheck reads iph-fragoff to decide whether to clear mangleidfeatures...
EUVD-2026-24823
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: validate inner IPv4 header length in IPTFS payload Add validation of the inner IPv4 packet totlen and ihl fields parsed from decrypted IPTFS payloads in inputprocesspayload. A crafted ESP packet containing an inner...
CVE-2026-31472
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: validate inner IPv4 header length in IPTFS payload Add validation of the inner IPv4 packet totlen and ihl fields parsed from decrypted IPTFS payloads in inputprocesspayload. A crafted ESP packet containing an inner...
CVE-2026-31472 xfrm: iptfs: validate inner IPv4 header length in IPTFS payload
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: validate inner IPv4 header length in IPTFS payload Add validation of the inner IPv4 packet totlen and ihl fields parsed from decrypted IPTFS payloads in inputprocesspayload. A crafted ESP packet containing an inner...
PT-2026-34377
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: validate inner IPv4 header length in IPTFS payload Add validation of the inner IPv4 packet tot len and ihl fields parsed from decrypted IPTFS payloads in input process payload. A crafted ESP packet containing an inne...
GHSA-M547-HP4W-J6JX Vikunja has a Rate-Limit Bypass for Unauthenticated Users via Spoofed Headers
Summary Unauthenticated users are able to bypass the application's built-in rate-limits by spoofing the X-Forwarded-For or X-Real-IP headers due to the rate-limit relying on the value of echo.Context.RealIP. Details In the first file below, the rate-limit for unauthenticated users can be observed...
Vikunja has a Rate-Limit Bypass for Unauthenticated Users via Spoofed Headers
Summary Unauthenticated users are able to bypass the application's built-in rate-limits by spoofing the X-Forwarded-For or X-Real-IP headers due to the rate-limit relying on the value of echo.Context.RealIP. Details In the first file below, the rate-limit for unauthenticated users can be observed...
Vikunja has a Rate-Limit Bypass for Unauthenticated Users via Spoofed Headers
Unauthenticated users are able to bypass the application's built-in rate-limits by spoofing the X-Forwarded-For or X-Real-IP headers due to the rate-limit relying on the value of echo.Context.RealIP...
Vikunja 安全漏洞
Vikunja is an open-source to-do application developed by Vikunja developers. Versions of Vikunja from 0.8 to 2.2.0 contained security vulnerabilities. These vulnerabilities stemmed from a rate-limiting mechanism that relied on RealIP values. This allowed unverified users to bypass rate limits by...
CVE-2026-22201
wpDiscuz before 7.6.47 contains an IP spoofing vulnerability in the getIP function that allows attackers to bypass IP-based rate limiting and ban enforcement by trusting untrusted HTTP headers. Attackers can set HTTPCLIENTIP or HTTPXFORWARDEDFOR headers to spoof their IP address and circumvent...
CVE-2026-22201 wpDiscuz before 7.6.47 - IP Address Spoofing in getIP()
wpDiscuz before 7.6.47 contains an IP spoofing vulnerability in the getIP function that allows attackers to bypass IP-based rate limiting and ban enforcement by trusting untrusted HTTP headers. Attackers can set HTTPCLIENTIP or HTTPXFORWARDEDFOR headers to spoof their IP address and circumvent...
CVE-2026-29054 Traefik: lowercase `Connection` tokens can delete traefik-managed forwarded identity headers (for example, `X-Real-Ip`)
Traefik is an HTTP reverse proxy and load balancer. From version 2.11.9 to 2.11.37 and from version 3.1.3 to 3.6.8, there is a potential vulnerability in Traefik managing the Connection header with X-Forwarded headers. When Traefik processes HTTP/1.1 requests, the protection put in place to preve...
CVE-2026-29054
CVE-2026-29054 (Traefik) affects Traefik HTTP reverse proxy/load balancer from versions 2.11.9–2.11.37 and 3.1.3–3.6.8. The issue arises when Traefik processes HTTP/1.1 requests: the protection that prevents removal of Traefik-managed X-Forwarded headers via the Connection header compares tokens ...
traefik CVE-2024-45410 fix bypass: lowercase `Connection` tokens can delete traefik-managed forwarded identity headers (for example, `X-Real-Ip`)
Impact There is a potential vulnerability in Traefik managing the Connection header with X-Forwarded headers. When Traefik processes HTTP/1.1 requests, the protection put in place to prevent the removal of Traefik-managed X-Forwarded headers such as X-Real-Ip, X-Forwarded-Host, X-Forwarded-Port,...
Brute Force
Overview Affected versions of this package are vulnerable to Brute Force via the authentication rate limiting process. An attacker can bypass authentication rate limiting by forging the X-Real-IP header, allowing unlimited authentication attempts from a single source. Remediation Upgrade...