Lucene search
K

3391 matches found

OSV
OSV
added 2026/06/05 4:34 p.m.8 views

GHSA-Q4X5-8CJ6-52WG Sync-in Server: SSRF protection bypass via IPv4-mapped IPv6 addresses in regExpPrivateIP

Summary: The private IP blocklist regex used in the URL download feature does not match IPv4-mapped IPv6 addresses e.g. ::ffff:127.0.0.1, allowing SSRF protection to be bypassed on dual-stack systems. Affected components backend/src/applications/files/services/files-manager.service.ts –...

7.7CVSS5.4AI score0.00221EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.6 views

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-8391-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8391-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Cop...

9.8CVSS7AI score0.96775EPSS
Exploits260References14
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.10 views

Node.js Module axios < 0.32.0 / 1.x < 1.16.0 NO_PROXY Bypass (SSRF)

The version of the axios Node.js module installed on the remote host is prior to 0.32.0 or 1.x prior to 1.16.0. It is, therefore, affected by the following vulnerability: - shouldBypassProxy, introduced in v1.15.0 to fix CVE-2025-62718, does not normalise IPv4-mapped IPv6 addresses. When NOPROXY...

8.6CVSS5.4AI score0.00889EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2026/06/04 9:23 p.m.12 views

USN-8391-1: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS7.2AI score0.96775EPSS
Exploits260
RedHat Linux
RedHat Linux
added 2026/06/03 3:25 p.m.8 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

9.8CVSS6.4AI score0.00563EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/03 11:45 a.m.9 views

CVE-2026-48682

A flaw was found in FastNetMon Community Edition. This vulnerability, located in the IPv4 packet parser, allows a remote attacker to send specially crafted network packets. This can lead to an out-of-bounds read, potentially disclosing sensitive information or causing the system to crash, resulti...

5.9CVSS5.8AI score0.00267EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.23 views

Linux Distros Unpatched Vulnerability : CVE-2026-48682

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simplepacketparserng.cpp, after validating that the...

5.9CVSS5.6AI score0.00267EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/02 12:0 a.m.33 views

CVE-2026-48682

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simplepacketparserng.cpp, after validating that the packet contains at least sizeofipv4headert bytes 20 bytes, the code advances the localpointer by '4 ipv4header-getihl' line 164 without...

0.00267EPSS
Exploits0References3
CVE
CVE
added 2026/06/02 12:0 a.m.17 views

CVE-2026-48682

CVE-2026-48682 affects FastNetMon Community Edition up to 1.2.9. Multiple sources (NVD, Red Hat, Ubuntu OSVs, Debian tracker, Tenable) describe an out-of-bounds read in the IPv4 packet parser. After validating at least 20 bytes of an IPv4 header, the code advances by 4 × IHL without validating th...

5.9CVSS5.9AI score0.00267EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/02 12:0 a.m.8 views

CVE-2026-48682

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simplepacketparserng.cpp, after validating that the packet contains at least sizeofipv4headert bytes 20 bytes, the code advances the localpointer by '4 ipv4header-getihl' line 164 without...

5.9AI score0.00267EPSS
Exploits0References4
Hacker One
Hacker One
added 2026/05/31 5:50 p.m.21 views

curl: curl/libcurl 8.20.0 NOPROXY bypass via uppercase-hex IPv4 aliases leaks off-proxy Basic credentials to the configured proxy

Summary: curl/libcurl 8.20.0 fails to enforce CURLOPTNOPROXY, --noproxy, and NOPROXY consistently for uppercase-hex IPv4 aliases such as 0X7f.1 on glibc-based systems that accept these legacy numeric IPv4 forms. When a canonical IP literal is excluded from proxying, curl sends the canonical form...

5.8AI score
Exploits0
NVD
NVD
added 2026/05/30 4:17 p.m.13 views

CVE-2026-10124

A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function ripzebrareadipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been...

9CVSS0.00472EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/30 3:45 p.m.37 views

CVE-2026-10124 Shibby Tomato Zserv ripd rip_zebra_read_ipv4 stack-based overflow

A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function ripzebrareadipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been...

9CVSS0.00472EPSS
Exploits0References4
CVE
CVE
added 2026/05/30 3:45 p.m.19 views

CVE-2026-10124

CVE-2026-10124 affects Shibby Tomato up to version 1.28. The vulnerability targets the function rip_zebra_read_ipv4 in /usr/sbin/ripd (Zserv Handler) and can cause a stack-based buffer overflow via remote impact. Public exploit has been disclosed. The project is superseded by FreshTomato and appl...

9CVSS7.7AI score0.00472EPSS
Exploits0References4
Snyk
Snyk
added 2026/05/29 3:59 p.m.8 views

Server-side Request Forgery (SSRF)

Overview axios is a promise-based HTTP client for the browser and Node.js. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the shouldBypassProxy function. An attacker can access internal or metadata endpoints by crafting request URLs in IPv4-mapped IPv6...

8.6CVSS5.8AI score0.00889EPSS
Exploits1References2
SUSE Linux
SUSE Linux
added 2026/05/29 3:24 p.m.9 views

Security update for perl-Net-CIDR-Lite

This update for perl-Net-CIDR-Lite fixes the following issues CVE-2026-45190: improper validation of trailing newlines or non-ASCII digits can lead to IP ACL bypass bsc1264710. CVE-2026-45191: extraneous leading zeros in CIDR mask values can lead to IP ACL bypass bsc1264709. CVE-2026-40198: missi...

7.5CVSS5.8AI score0.00311EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.9 views

PT-2026-45067

Summary CC-Tweaked's HTTP API http.request, http.websocket blocks requests to private network ranges to prevent server-side request forgery SSRF. This protection can be bypassed on IPv6-capable servers using NAT64 well-known prefix addresses 64:ff9b::/96. An attacker who can execute Lua code can...

7.1CVSS6AI score0.00054EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2026/05/29 12:0 a.m.55 views

📄 EspoCRM 9.3.3 Server-Side Request Forgery

EspoCRM version 9.3.3 suffers from an authenticated server-side request forgery vulnerability. Exploit Title: EspoCRM 9.3.3 - Authenticated SSRF via Alternative IPv4 Notation Google Dork: N/A Date: 2026-05-08 Exploit Author: Max Gabriel https://github.com/EntroVyx Vendor Homepage:...

4.3CVSS5.8AI score0.01978EPSS
Exploits5
GitLab Advisory Database
GitLab Advisory Database
added 2026/05/29 12:0 a.m.11 views

CC-Tweaked has an SSRF Protection Bypass with NAT64

CC-Tweaked's HTTP API http.request, http.websocket blocks requests to private network ranges to prevent server-side request forgery SSRF. This protection can be bypassed on IPv6-capable servers using NAT64 well-known prefix addresses 64:ff9b::/96. An attacker who can execute Lua code can reach an...

5.9AI score0.00054EPSS
Exploits0References3
GitLab Advisory Database
GitLab Advisory Database
added 2026/05/29 12:0 a.m.24 views

CC-Tweaked has an SSRF Protection Bypass with NAT64

CC-Tweaked's HTTP API http.request, http.websocket blocks requests to private network ranges to prevent server-side request forgery SSRF. This protection can be bypassed on IPv6-capable servers using NAT64 well-known prefix addresses 64:ff9b::/96. An attacker who can execute Lua code can reach an...

5.9AI score0.00054EPSS
Exploits0References3
Rows per page
Query Builder