PT-2026-5355

Name of the Vulnerable Software and Affected Versions TrustTunnel versions prior to 0.9.114 Description TrustTunnel, an open-source VPN protocol, contains a server-side request forgery and private network restriction bypass. The issue stems from insufficient SSRF protection within the tcp...

SUSE CVE-2016-3739

The 1 mbedconnectstep1 function in lib/vtls/mbedtls.c and 2 polarsslconnectstep1 function in lib/vtls/polarssl.c in cURL and libcurl before 7.49.0, when using SSLv3 or making a TLS connection to a URL that uses a numerical IP address, allow remote attackers to spoof servers via an arbitrary valid...

CVE-2019-12278

Opera through 53 on Android allows Address Bar Spoofing. Characters from several languages are displayed in Right-to-Left order, due to mishandling of several Unicode characters. The rendering mechanism, in conjunction with the "first strong character" concept, may improperly operate on a numeric...

security flaw

OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address...

PT-2003-1047 · Openssh +1 · Openssh +1

Name of the Vulnerable Software and Affected Versions: OpenSSH versions 3.6.1 and earlier Description: The issue allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address, when...

Доступ к исходным текстам PHP в plesk (source disclosure)

Используя числовой адрес вместо виртуального имени сервера можно получить доступ к исзодным текстам...