9 matches found

CNNVD
added 2026/03/26 12:0 a.m. · 2 views

Lychee Code Issue Vulnerability

Lychee is a beautiful and easy-to-use photo management system developed by The Lychee Organisation. It is used for managing and sharing photos. Versions of Lychee prior to 7.5.1 had code vulnerabilities; these vulnerabilities stemmed from incomplete IP verification checks, which failed to prevent...

CVSS 5.3 · AI score 5.9 · EPSS 0.00042
Exploits: 1 · References: 2
CNNVD
added 2025/09/17 12:0 a.m. · 2 views

Dragonfly Security Vulnerability

Dragonfly is an open source framework from DragonflyDB that allows dynamic processing of any content type. A security vulnerability exists in Dragonfly versions prior to 2.1.0, which stems from the Manager's Certificate gRPC service not verifying that the requesting IP address belongs to the peer...

CVSS 8.7 · AI score 9 · EPSS 0.00056
Exploits: 1 · References: 2
RedhatCVE
added 2025/03/08 7:36 p.m. · 9 views

CVE-2025-27600

FastGPT is a knowledge-based platform built on the LLMs. Since the web crawling plug-in does not perform intranet IP verification, an attacker can initiate an intranet IP request, causing the system to initiate a request through the intranet and potentially obtain some private data on the intrane...

CVSS 6.9 · AI score 6.6 · EPSS 0.00164
Exploits: 0 · References: 1
CVE
added 2025/03/06 7:5 p.m. · 67 views

CVE-2025-27600

CVE-2025-27600 affects FastGPT prior to version 4.9.0. Root cause: the web crawling plug-in does not verify intranet IPs, enabling an SSRF-like request to access private intranet data. Impact per documents: potential exposure of intranet data; no exploit details provided beyond this. Mitigation: ...

CVSS 6.9 · AI score 6.9 · EPSS 0.00164
Exploits: 0 · References: 1 · Affected Software: 1
Positive Technologies
added 2025/03/06 12:0 a.m. · 17 views

PT-2025-10000

Name of the Vulnerable Software and Affected Versions: FastGPT versions prior to 4.9.0 Description: The issue arises from the web crawling plug-in's failure to perform intranet IP verification. This allows an attacker to initiate an intranet IP request, causing the system to make a request through...

CVSS 6.9 · AI score 6.7 · EPSS 0.00164
Exploits: 0 · References: 6
CVE
added 2023/07/17 8:59 p.m. · 139 views

CVE-2023-37265

CVE-2023-37265 concerns CasaOS: an authentication bypass via incorrect handling of internal IP addresses in the CasaOS Gateway. The flaw allows an unauthenticated attacker to execute commands with root privileges on CasaOS instances due to IP verification weaknesses. Affected are versions prior t...

CVSS 9.8 · AI score 9.7 · EPSS 0.91121
Exploits: 1 · References: 3 · Affected Software: 1
Positive Technologies
added 2023/07/17 12:0 a.m. · 2 views

PT-2023-25869 · Casaos · Casaos

Name of the Vulnerable Software and Affected Versions: CasaOS versions prior to 0.4.4 Description: CasaOS is an open-source Personal Cloud system. Due to a lack of IP address verification, an unauthenticated attacker can execute arbitrary commands as root on CasaOS instances. The problem was...

CVSS 9.8 · AI score 8 · EPSS 0.91121
Exploits: 1 · References: 18
GitLab Advisory Database
added 2023/07/17 12:0 a.m. · 17 views

CasaOS Gateway vulnerable to incorrect identification of source IP addresses

Unauthenticated attackers can execute arbitrary commands as root on CasaOS instances...

CVSS 9.8 · AI score 9.7 · EPSS 0.91121
Exploits: 1 · References: 7 · Affected Software: 1
CVE
added 2020/09/08 9:31 a.m. · 50 views

CVE-2020-3669

CVE-2020-3669 is a buffer overflow in WLAN TCP/IP verification due to an out-of-range pointer offset, affecting Qualcomm Snapdragon product families (APQ8098, IPQ5018, IPQ6018, IPQ8074, Kamorta, MSM8998, Nicobar, QCA6390, QCA8081, QCN7605, QCS404/405/605, Rennell, SA415M, SC7180/SC8180X, SDA845, ...

CVSS 10 · AI score 9.3 · EPSS 0.00356
Exploits: 0 · References: 1 · Affected Software: 1