
14 matches found

RedhatCVE
added 2025/05/23 7:5 a.m., 4 views

CVE-2024-52594

Gomatrixserverlib is a Go library for matrix federation. Gomatrixserverlib is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. The commit c4f1e01 fixes this issue. Users are advised to upgrade. Users unable to upgrade shoul...

CVSS 4.3, AI score 6.5, EPSS 0.00109
Exploits 0, References 1
Github Security Blog
added 2025/01/16 11:8 p.m., 14 views

Gomatrixserverlib Server-Side Request Forgery (SSRF) on redirects and federation

Impact Gomatrixserverlib is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. Patches c4f1e01eab0dd435709ad15463ed38a079ad6128 fixes this issue. Workarounds Use a local firewall to limit the network segments and hosts the...

CVSS 4.3, AI score 6.6, EPSS 0.00109
Exploits 0, References 5, Affected Software 1
OSV
added 2025/01/16 11:8 p.m., 5 views

GHSA-4FF6-858J-R822 Gomatrixserverlib Server-Side Request Forgery (SSRF) on redirects and federation

Impact Gomatrixserverlib is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. Patches c4f1e01eab0dd435709ad15463ed38a079ad6128 fixes this issue. Workarounds Use a local firewall to limit the network segments and hosts the...

CVSS 4.3, AI score 4.6, EPSS 0.00109
Exploits 0, References 5
NVD
added 2025/01/16 7:15 p.m., 11 views

CVE-2024-52594

Gomatrixserverlib is a Go library for matrix federation. Gomatrixserverlib is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. The commit c4f1e01 fixes this issue. Users are advised to upgrade. Users unable to upgrade shoul...

CVSS 4.3, EPSS 0.00109
Exploits 0, References 2
Vulnrichment
added 2025/01/16 6:57 p.m., 4 views

CVE-2024-52594 Server-Side Request Forgery (SSRF) on redirects and federation in gomatrixserverlib

Gomatrixserverlib is a Go library for matrix federation. Gomatrixserverlib is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. The commit c4f1e01 fixes this issue. Users are advised to upgrade. Users unable to upgrade shoul...

CVSS 4.3, AI score 4.8, EPSS 0.00109
Exploits 0, References 2
OSV
added 2025/01/16 6:57 p.m., 4 views

CVE-2024-52594 Server-Side Request Forgery (SSRF) on redirects and federation in gomatrixserverlib

Gomatrixserverlib is a Go library for matrix federation. Gomatrixserverlib is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. The commit c4f1e01 fixes this issue. Users are advised to upgrade. Users unable to upgrade shoul...

CVSS 4.3, AI score 6.6, EPSS 0.00109
Exploits 0, References 4
Cvelist
added 2025/01/16 6:57 p.m., 14 views

CVE-2024-52594 Server-Side Request Forgery (SSRF) on redirects and federation in gomatrixserverlib

Gomatrixserverlib is a Go library for matrix federation. Gomatrixserverlib is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. The commit c4f1e01 fixes this issue. Users are advised to upgrade. Users unable to upgrade shoul...

CVSS 4.3, EPSS 0.00109
Exploits 0, References 2
CVE
added 2025/01/16 6:57 p.m., 45 views

CVE-2024-52594

Gomatrixserverlib (Go library for Matrix federation) is affected by a server-side request forgery (SSRF) vulnerability that could have allowed a service using gomatrixserverlib to access content from a private network under certain conditions. The issue is rooted in redirects/handling that could ...

CVSS 4.3, AI score 6.7, EPSS 0.00109
Exploits 0, References 2
CNNVD
added 2021/04/30 12:0 a.m., 2 views

CubeCoders AMP security vulnerability

AMP is a software application. for tracking all issues and bugs within the CubeCoders AMP platform. A security vulnerability exists in CubeCoders AMP versions prior to 2.1.x series 2.1.1.2 that allows an authenticated remote user to open a port in the local system firewall by writing an HTTPS...

CVSS 6.5, AI score 6.6, EPSS 0.00147
Exploits 1, References 2
OpenVAS
added 2019/07/03 12:0 a.m., 26 views

Windows Defender Firewall: Domain Profile: Apply local firewall rules

The policy determines whether the local firewall rules are merged with GP settings when connected to a domain network. Copyright (C) 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the...

AI score 7
Exploits 0
Prion
added 2019/02/07 11:29 p.m., 11 views

Design/Logic Flaw

Forcepoint User ID FUID server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution. To fix this vulnerability, upgrade to FUID version 1.3 or higher. To prevent the vulnerability on...

CVSS 7.5, AI score 9.6, EPSS 0.02126
Exploits 0, References 1, Affected Software 1
Cvelist
added 2019/02/07 11:0 p.m., 13 views

CVE-2019-6139

Forcepoint User ID FUID server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution. To fix this vulnerability, upgrade to FUID version 1.3 or higher. To prevent the vulnerability on...

AI score 9.8, EPSS 0.02126
Exploits 0, References 1
OpenVAS
added 2018/05/29 12:0 a.m., 19 views

Windows Defender Firewall: Public Profile: Apply local firewall rules

The policy determines whether the local firewall rules are merged with GP settings when connected to a public network. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders...

AI score 7
Exploits 0, References 5
Mageia
added 2013/07/01 7:9 p.m., 17 views

Updated fail2ban packages fix CVE-2013-2178

Krzysztof Katowicz-Kowalewski discovered a vulnerability in Fail2ban, a log monitoring system which can act on attacks by preventing hosts from connecting to specified services using the local firewall. When using Fail2ban to monitor Apache logs, improper input validation in log parsing could enabl...

CVSS 5, AI score 3.6, EPSS 0.00828
Exploits 0, References 3