1747 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-39927
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Server side request forgery protections in GitLab CE/EE versions between 8.4 and 14.4.4, between 14.5.0 and 14.5.2, and between 14.6.0 and 14.6.1 would fail to...
Server-side Request Forgery (SSRF)
Overview: request-filtering-agent is an https.Agent implementation that blocks requests to private IP addresses. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the HTTPS request handling process. An attacker can access internal services by sending specially...
CVE-2025-57814
request-filtering-agent is an https.Agent implementation that blocks requests to Private/Reserved IP addresses. Versions 1.x.x and earlier contain a vulnerability where HTTPS requests to 127.0.0.1 bypass IP address filtering, while HTTP requests are correctly blocked. This allows attackers to...
CVE-2025-57814 request-filtering-agent SSRF Bypass via HTTPS Requests
request-filtering-agent is an https.Agent implementation that blocks requests to Private/Reserved IP addresses. Versions 1.x.x and earlier contain a vulnerability where HTTPS requests to 127.0.0.1 bypass IP address filtering, while HTTP requests are correctly blocked. This allows attackers to...
CVE-2025-57814
CVE-2025-57814 affects the http(s).Agent implementation in request-filtering-agent. Vulnerability: HTTPS requests to 127.0.0.1 bypass IP filtering, allowing potential access to internal HTTPS services and bypass of SSRF protection when user-supplied URLs are used. HTTP requests are blocked as int...
request-filtering-agent SSRF Bypass via HTTPS Requests to 127.0.0.1
request-filtering-agent versions 1.x.x and earlier contain a vulnerability where HTTPS requests to 127.0.0.1 bypass IP address filtering, while HTTP requests are correctly blocked. Impact: Vulnerable patterns (requests that should be blocked but are allowed): - https://127.0.0.1:443/api -...
GHSA-PW25-C82R-75MM request-filtering-agent SSRF Bypass via HTTPS Requests to 127.0.0.1
request-filtering-agent versions 1.x.x and earlier contain a vulnerability where HTTPS requests to 127.0.0.1 bypass IP address filtering, while HTTP requests are correctly blocked. Impact: Vulnerable patterns (requests that should be blocked but are allowed): - https://127.0.0.1:443/api -...
PT-2025-34712 · Pypi · Request-Filtering-Agent
Name of the Vulnerable Software and Affected Versions: request-filtering-agent versions 1.x.x and earlier Description: request-filtering-agent is an https.Agent implementation designed to block requests to Private/Reserved IP addresses. HTTPS requests to 127.0.0.1 bypass IP address filtering, whi...
Linux Distros Unpatched Vulnerability : CVE-2006-2229
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the...
TencentOS Server 4: moby (TSSA-2025:0667)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0667 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Linux Distros Unpatched Vulnerability : CVE-2022-47909
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Livestatus Query Language (LQL) injection in the AuthUser HTTP query header of Tribe29's Checkmk <= 2.1.0p11, Checkmk <= 2.0.0p28, and all versions of Checkmk 1.6.0...
Linux Distros Unpatched Vulnerability : CVE-2021-20199
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rootless containers run with Podman receive all traffic with a source IP address of 127.0.0.1, including from remote hosts. This impacts containerized...
Linux Distros Unpatched Vulnerability : CVE-2024-1488
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime...
CVE-2025-9097 Euro Information CIC banque et compte en ligne App com.cic_prod.bad AndroidManifest.xml improper export of android application components
A vulnerability was found in Euro Information CIC banque et compte en ligne App 12.56.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.cic_prod.bad. The manipulation leads to improper export of android application...
PT-2025-33623 · Euroinformation · Euro Information Cic Banque Et Compte En Ligne App
Name of the Vulnerable Software and Affected Versions: Euro Information CIC banque et compte en ligne App version 12.56.0 Description: A vulnerability exists due to improper export of android application components within the AndroidManifest.xml file of the com.cic_prod.bad component. This allows...
Linux Distros Unpatched Vulnerability : CVE-2023-2431
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but...
PT-2025-33631 · 1&1 · Mail.Com App +1
Name of the Vulnerable Software and Affected Versions: 1&1 Mail & Media mail.com App version 8.8.0 Description: A security vulnerability has been detected due to improper export of Android application components. The issue affects an unknown function within the AndroidManifest.xml file of the...
Linux Distros Unpatched Vulnerability : CVE-2018-18506
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify...