Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 2026/01/29 10:15 p.m.2 views

CVE-2026-24902

TrustTunnel is an open-source VPN protocol with a server-side request forgery and and private network restriction bypass in versions prior to 0.9.114. In tcpforwarder.rs, SSRF protection for allowprivatenetworkconnections = false was only applied in the TcpDestination::HostNamepeer path. The...

7.1CVSS0.00048EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2026/01/29 9:21 p.m.4 views

CVE-2026-24902

TrustTunnel is an open-source VPN protocol with a server-side request forgery and and private network restriction bypass in versions prior to 0.9.114. In tcpforwarder.rs, SSRF protection for allowprivatenetworkconnections = false was only applied in the TcpDestination::HostNamepeer path. The...

7.1CVSS5.9AI score0.00048EPSS
Exploits1References3Affected Software1
EUVD
EUVDadded 2026/01/29 9:21 p.m.3 views

EUVD-2026-4951

TrustTunnel is an open-source VPN protocol with a server-side request forgery and and private network restriction bypass in versions prior to 0.9.114. In tcpforwarder.rs, SSRF protection for allowprivatenetworkconnections = false was only applied in the TcpDestination::HostNamepeer path. The...

7.1CVSS5.9AI score0.00048EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2003-0380

Malware in sbrugna...

7.5CVSS8AI score0.09637EPSS
Exploits1References19
OSV
OSVadded 2016/05/20 2:59 p.m.1 views

DEBIAN-CVE-2016-3739

The 1 mbedconnectstep1 function in lib/vtls/mbedtls.c and 2 polarsslconnectstep1 function in lib/vtls/polarssl.c in cURL and libcurl before 7.49.0, when using SSLv3 or making a TLS connection to a URL that uses a numerical IP address, allow remote attackers to spoof servers via an arbitrary valid...

5.3CVSS7.1AI score0.01068EPSS
Exploits0References1
OpenVAS
OpenVASadded 2014/09/18 12:0 a.m.33 views

openSUSE: Security Advisory for curl (openSUSE-SU-2014:1139-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.2AI score0.0182EPSS
Exploits0References1
F5 Networks
F5 Networksadded 2007/05/16 12:0 a.m.54 views

SOL2617 - Reverse name resolution vulnerability in SSH - CVE-2003-0386

OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address...

7.5CVSS7.8AI score0.09637EPSS
Exploits1
Tenable Nessus
Tenable Nessusadded 2003/06/10 12:0 a.m.44 views

OpenSSH < 3.6.2 Reverse DNS Lookup Bypass

According to its banner, the remote host appears to be running OpenSSH-portable version 3.6.1 or older. There is a flaw in such version that could allow an attacker to bypass the access controls set by the administrator of this server. OpenSSH features a mechanism that can restrict the list of...

7.5CVSS7.6AI score0.09637EPSS
Exploits1References1
Rows per page
Query Builder