CVE-2010-0384

Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory mirror, does not prevent logging of the client IP address upon detection of erroneous client behavior, which might make it easier for local users to discover the identities of clients in opportunistic circumstances by reading log...

Linux Distros Unpatched Vulnerability : CVE-2025-62699

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exposure of Sensitive Information to an Unauthorized Actor vulnerability in The Wikimedia Foundation Mediawiki - Translate Extension allows Footprinting...

EUVD-2019-16221

Malware in sbrugna...

EUVD-2010-0415

Malware in sbrugna...

EUVD-2022-49452

Malicious code in bioql PyPI...

CVE-2025-53539

FastAPI Guard is a security library for FastAPI that provides middleware to control IPs, log requests, and detect penetration attempts. fastapi-guard's penetration attempts detection uses regex to scan incoming requests. However, some of the regex patterns used in detection are extremely...

CVE-2025-53539

FastAPI Guard is a security library for FastAPI that provides middleware to control IPs, log requests, and detect penetration attempts. fastapi-guard's penetration attempts detection uses regex to scan incoming requests. However, some of the regex patterns used in detection are extremely...

CVE-2022-46649

Acemanager in ALEOS before version 4.16 allows a user with valid credentials to manipulate the IP logging operation to execute arbitrary shell commands on the device...

CVE-2002-1839

Trend Micro InterScan VirusWall for Windows NT 3.52 does not record the sender's IP address in the headers for a mail message when it is passed from VirusWall to the MTA, which allows remote attackers to hide the origin of the message...

PT-2024-11699 · WordPress · Wp Limit Login Attempts

Name of the Vulnerable Software and Affected Versions: Limit Login Attempts Plus plugin for WordPress versions up to, and including, 1.1.0 Description: The issue arises from insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions...

CVE-2024-0868

The coreActivity: Activity Logging plugin for WordPress plugin before 2.1 retrieved IP addresses of requests via headers such X-FORWARDED to log them, allowing users to spoof them by providing an arbitrary value...

WordPress plugin Hide My WP Ghost 数据伪造问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVE-2022-46649

Acemanager in ALEOS before version 4.16 allows a user with valid credentials to manipulate the IP logging operation to execute arbitrary shell commands on the device...

Command injection

Acemanager in ALEOS before version 4.16 allows a user with valid credentials to manipulate the IP logging operation to execute arbitrary shell commands on the device...

CVE-2022-46649

CVE-2022-46649 affects Acemanager in ALEOS prior to 4.16. An authenticated user can manipulate the IP logging operation to execute arbitrary shell commands on the device. Public material (e.g., Red Hat, NVD, Trellix blogs) confirms an authenticated command-injection vector with CVSS v3.1 base sco...

CVE-2022-46649

Acemanager in ALEOS before version 4.16 allows a user with valid credentials to manipulate the IP logging operation to execute arbitrary shell commands on the device...

CVE-2022-46649

Acemanager in ALEOS before version 4.16 allows a user with valid credentials to manipulate the IP logging operation to execute arbitrary shell commands on the device...

ProtonMail Forced to Log IP Address of French Activist

The privacy-hugging, end-to-end encryption-providing email provider ProtonMail was forced to log the IP address of a French activist and turn it over to Europol, according to a French police report that came to light over the weekend. The activist was arrested as a result. In the wake of the news...

Sierra Wireless AirLink ES450 Operating System Command Injection Vulnerability

The Sierra Wireless AirLink ES450 is a cellular network modem device from Sierra Wireless Canada. An operating system command injection vulnerability exists in the ACEManager iplogging.cgi function in the Sierra Wireless AirLink ES450 with firmware version 4.9.3, which can be exploited by an...

Chaturbate: DoS attacks utilizing camo.stream.highwebmedia.com

DoS attacks utilizing camo.stream.highwebmedia.com Summary The asset proxy at camo.stream.highwebmedia.com used to embed external images linked by users fails to enforce 1. a timeout on slow responses if a little data is sent every 10 seconds a kind of "reverse-slowloris" attack 1. a size limit o...