CVE-2026-0613

The Librarian contains an internal port scanning vulnerability, facilitated by the webfetch tool, which can be used with SSRF-style behavior to perform GET requests to internal IP addresses and services, enabling scanning of the Hertzner cloud environment that TheLibrarian uses. The vendor has...

CVE-2024-39589

Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLCv3 16bf8bac1a36d95b73e7b8722d0edb8b9c5bb56a. A specially crafted EtherNet/IP request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to...

EUVD-2024-34597

Malicious code in bioql PyPI...

EUVD-2025-7793

Malicious code in bioql PyPI...

CVE-2025-27600

FastGPT is a knowledge-based platform built on the LLMs. Since the web crawling plug-in does not perform intranet IP verification, an attacker can initiate an intranet IP request, causing the system to initiate a request through the intranet and potentially obtain some private data on the intrane...

CVE-2024-34026

A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted EtherNet/IP request can lead to remote code execution. An attacker can send a series of EtherNet/IP requests to...

CVE-2024-39589

CVE-2024-39589 concerns multiple invalid pointer dereference vulnerabilities in the OpenPLC_v3 Runtime EtherNet/IP parser, specifically within the Protected_Logical_Read_Reply path. The flaw stems from dereferencing truncated addresses due to memmove usage on request-derived values, enabling a cr...

CVE-2022-43605

An out-of-bounds write vulnerability exists in the SetAttributeList attributecountrequest functionality of EIP Stack Group OpENer development commit 58ee13c. A specially crafted EtherNet/IP request can lead to an out of bounds write, potentially causing the server to crash or allow for remote cod...

CVE-2022-43605

An out-of-bounds write vulnerability exists in the SetAttributeList attributecountrequest functionality of EIP Stack Group OpENer development commit 58ee13c. A specially crafted EtherNet/IP request can lead to an out of bounds write, potentially causing the server to crash or allow for remote cod...

CVE-2022-43606

A use-of-uninitialized-pointer vulnerability exists in the Forward Open connectionmanagemententry functionality of EIP Stack Group OpENer development commit 58ee13c. A specially-crafted EtherNet/IP request can lead to use of a null pointer, causing the server to crash. An attacker can send a seri...

PT-2023-14270 · Unknown · Eip Stack Group Opener

Name of the Vulnerable Software and Affected Versions: EIP Stack Group OpENer version 58ee13c Description: A use-of-uninitialized-pointer issue exists in the Forward Open connection management entry functionality. This can be triggered by a specially-crafted EtherNet/IP request, leading to the us...

SUSE CVE-2021-21273

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, requests to user provided domains were not restricted to external IP addresses when calculating the key...

CVE-2018-0060

An improper input validation weakness in the device control daemon process dcd of Juniper Networks Junos OS allows an attacker to cause a Denial of Service to the dcd process and interfaces and connected clients when the Junos device is requesting an IP address for itself. Junos devices are not...

CVE-2013-1838

OpenStack Compute Nova Grizzly, Folsom 2012.2, and Essex 2012.1 does not properly implement a quota for fixed IPs, which allows remote authenticated users to cause a denial of service resource exhaustion and failure to spawn new instances via a large number of calls to the addFixedIp function...

CVE-2002-2234

NetScreen ScreenOS pre-4.0.1 is affected: remote attackers can bypass the Malicious-URL blocking feature by splitting the URL into fragmented IP requests. The available documents confirm the vulnerability and affected version, but do not provide remediation steps or exploit details.

CVE-2002-2234

NetScreen ScreenOS before 4.0.1 allows remote attackers to bypass the Malicious-URL blocking feature by splitting the URL into fragmented IP requests...