RHCOS 4 / 9 : OpenShift Container Platform 4.16.z (RHSA-2024:8418)

The remote Red Hat Enterprise Linux CoreOS 4 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8418 advisory. - github.com/jaraco/zipp: Denial of Service infinite loop via crafted zip file in jaraco/zipp CVE-2024-5569 - Podman: Buildah:...

CVE-2026-26324

OpenClaw is a personal AI assistant. Prior to version 2026.2.14, OpenClaw's SSRF protection could be bypassed using full-form IPv4-mapped IPv6 literals such as 0:0:0:0:0:ffff:7f00:1 which is 127.0.0.1. This could allow requests that should be blocked loopback / private network / link-local metada...

CVE-2026-1974

A vulnerability was identified in Free5GC up to 4.1.0. This affects the function ResolveNodeIdToIp of the file internal/sbi/processor/datapath.go of the component SMF. The manipulation leads to denial of service. Remote exploitation of the attack is possible. The exploit is publicly available and...

EUVD-2025-23853

Malicious code in bioql PyPI...

CVE-2025-2028

Lack of TLS validation when downloading a CSV file including mapping from IPs to countries used ONLY for displaying country flags in logs...

CVE-2025-2028 Lack of TLS validation

Lack of TLS validation when downloading a CSV file including mapping from IPs to countries used ONLY for displaying country flags in logs...

CVE-2025-2028 Lack of TLS validation

Lack of TLS validation when downloading a CSV file including mapping from IPs to countries used ONLY for displaying country flags in logs...

CVE-2025-2028

CVE-2025-2028 affects Check Point Management Log Server. Description: lack of TLS validation when downloading a CSV file that contains IP-to-country mappings used solely for displaying country flags in logs. Root cause: TLS validation is not performed for the CSV download. Impact: integrity could...

Fedora: Security Advisory for asnip (FEDORA-2022-5ef0bd9a27)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: asnip-0-0.7.20200618git44ba98b.fc36

Asnip retrieves all IPs used by an organization for surface mapping. It uses the IP or domain name and looks up the Autonomous System Number ASN, retrieves the Classless Inter-Domain Routing CIDR subnet masks and converts them to IPs...

Fedora: Security Advisory for asnip (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: asnip-0-0.6.20200618git44ba98b.fc36

Asnip retrieves all IPs used by an organization for surface mapping. It uses the IP or domain name and looks up the Autonomous System Number ASN, retrieves the Classless Inter-Domain Routing CIDR subnet masks and converts them to IPs...

Stripo Inc: SSRF in /cabinet/stripeapi/v1/siteInfoLookup?url=XXX

Summary: SSRF vulnerability allows mapping the internal network. Steps To Reproduce: It is possible to run internal requests with the siteInfoLookup service. GET /cabinet/stripeapi/v1/siteInfoLookup?url=http://10.0.0.100:8080 HTTP/1.1 Host: my.stripo.email Based on the response we know if the ip ...

MGASA-2014-0483 Updated moodle package fixes security vulnerabilities

In Moodle before 2.6.5, without forcing encoding, it was possible that UTF7 characters could be used to force cross-site scripts to AJAX scripts although this is unlikely on modern browsers and on most Moodle pages MSA-14-0035. In Moodle before 2.6.5, an XSS issue through $searchcourse in...

Multi Gather DNS Service Record Lookup Scan

Enumerates known SRV Records for a given domain using target host DNS query tool. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Multi Gather DNS Service Record Lookup Scan', 'Description' = %...

CVE-2008-5398

Tor before 0.2.0.32 does not properly process the ClientDNSRejectInternalAddresses configuration option in situations where an exit relay issues a policy-based refusal of a stream, which allows remote exit relays to have an unknown impact by mapping an internal IP address to the destination...

Gauntlet Firewall Vulnerability

In some circumstances NAI Gauntlet firewall performs Network Address Translation in an unexpected manner, causing incorrect routable IP addresses to be generated. This can enable unprivileged users on the protected network to knowingly or unknowingly generate spurious source IP addresses. Vendor...