45 matches found
SUSE CVE-2024-4032
The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the isprivate and isglobal properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and...
EUVD-2020-7858
Malware in sbrugna...
EUVD-2020-26447
Malware in sbrugna...
EUVD-2024-20847
Malicious code in bioql PyPI...
EUVD-2023-31829
Malicious code in bioql PyPI...
CVE-2025-54126 WebAssembly Micro Runtime's `--addr-pool` option allows all IPv4 addresses when subnet mask is not specified
The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...
CVE-2023-2754
The Cloudflare WARP client for Windows assigns loopback IPv4 addresses for the DNS Servers, since WARP acts as local DNS server that performs DNS queries in a secure manner, however, if a user is connected to WARP over an IPv6-capable network, te WARP client did not assign loopback IPv6 addresses...
K000150749: Python vulnerability CVE-2024-4032
Security Advisory Description The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the isprivate and isglobal properties of the ipaddress.IPv4Address, ipaddress.IPv4Network,...
F5 Networks BIG-IP : Python vulnerability (K000150749)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000150749 advisory. The ipaddress module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as...
Amazon Linux 2 : python-pip (ALAS-2025-2799)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2799 advisory. The ipaddress module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as globally reachable or private. This affected the isprivate and isglobal properties of...
Low: python3
Issue Overview: The "ipaddress" module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as "globally reachable" or "private". This affected the isprivate and isglobal properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address...
Low: python-ipaddress
Issue Overview: The "ipaddress" module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as "globally reachable" or "private". This affected the isprivate and isglobal properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address...
Low: python-ipaddress
Issue Overview: The "ipaddress" module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as "globally reachable" or "private". This affected the isprivate and isglobal properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address...
CVE-2024-23336
MyBB is a free and open source forum software. The default list of disallowed remote hosts does not contain the 127.0.0.0/8 block, which may result in a Server-Side Request Forgery SSRF vulnerability. The Configuration File's Disallowed Remote Addresses list $config'disallowedremoteaddresses'...
CVE-2024-23336
CVE-2024-23336 concerns MyBB (prior to 1.8.38) where the default Disallowed Remote Addresses list did not include 127.0.0.0/8, enabling potential SSRF against internal resources. The issue stems from the configuration in inc/config.php where disallowed_remote_addresses contains 127.0.0.1 but omit...
CVE-2024-23336 Incomplete disallowed remote addresses list in MyBB
MyBB is a free and open source forum software. The default list of disallowed remote hosts does not contain the 127.0.0.0/8 block, which may result in a Server-Side Request Forgery SSRF vulnerability. The Configuration File's Disallowed Remote Addresses list $config'disallowedremoteaddresses'...
BIT-DISCOURSE-2023-28111 Discourse vulnerable to SSRF protection bypass possible with IPv4-mapped IPv6 addresses
Discourse is an open-source discussion platform. Prior to version 3.1.0.beta3 of the beta and tests-passed branches, attackers are able to bypass Discourse's server-side request forgery SSRF protection for private IPv4 addresses by using a IPv4-mapped IPv6 address. The issue is patched in the...
PT-2023-8453
Name of the Vulnerable Software and Affected Versions glibc affected versions not specified Description A flaw was found in glibc, where the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements...
PT-2023-21198 · Cloudflare · Cloudflare Warp Client For Windows
Name of the Vulnerable Software and Affected Versions: Cloudflare WARP client for Windows affected versions not specified Description: The Cloudflare WARP client for Windows assigns loopback IPv4 addresses for the DNS Servers, as it acts as a local DNS server that performs DNS queries in a secure...
Indicator-Intelligence - Finds Related Domains And IPv4 Addresses To Do Threat Intelligence After Indicator-Intelligence Collects Static Files
Finds related domains and IPv4 addresses to do threat intelligence after Indicator-Intelligence collects static files. Done Related domains, IPs collect Installation From Source Code You can use virtualenv for package dependencies before installation. git clone...