16 matches found
EUVD-2025-30469
Malicious code in bioql PyPI...
CVE-2025-47910
When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections...
BIT-GOLANG-2025-47910 CrossOriginProtection insecure bypass patterns not limited to exact matches in net/http
When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections...
DEBIAN-CVE-2025-47910
When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections...
CVE-2024-6437
CVE-2024-6437 affects Arista EOS when policy-based routing (PBR), BGP Flowspec, or interface traffic policy is configured to redirect traffic to a next hop. The issue causes certain IPv4 packets (e.g., with IP options) to bypass the configured nexthop and be slow-path forwarded by the kernel to t...
Arista EOS Security Vulnerability
Arista EOS is a fully programmable, highly modular, Linux-based network operating system from Arista Corporation. A security vulnerability exists in Arista EOS that stems from the following: on affected platforms running Arista EOS, if some features are configured to redirect IP traffic to the next hop may bypa...
VulnCheck KEV: CVE-2021-40438
A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier...
httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:"
A Server-Side Request Forgery (SSRF) flaw was found in mod_proxy of httpd. This flaw allows a remote, unauthenticated attacker to make the httpd server forward requests to an arbitrary server. The attacker could get, modify, or delete resources on other services that may be behind a firewall and...
Cisco ASA Unicast Reverse Path Forwarding (uRPF) Bypass Vulnerability
No description provided by source...
The vulnerability of Cisco Adaptive Security Appliance’s network firewall, which allows attackers to bypass the uRPF inspection mechanism
The vulnerability of the Unicast Reverse Path Forwarding (uRPF) protection mechanism in Cisco Adaptive Security Appliances exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass the uRPF mechanism, which is designed to protect against I...
Cisco ASA uRFP Bypass Vulnerability (Cisco-SA-20150812-CVE-2015-4321)
Cisco ASA is prone to a Unicast Reverse Path Forwarding Bypass vulnerability...
Design/Logic Flaw
The Unicast Reverse Path Forwarding (uRPF) implementation in Cisco Adaptive Security Appliance (ASA) Software 9.31.50, 9.32.100, 9.33, and 9.41 mishandles cases where an IP address belongs to an internal interface but is also in the ASA routing table, which allows remote attackers to bypass uRPF...
PT-2015-1894 · Cisco · Cisco Asa
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance (ASA) Software versions 9.31.50 through 9.33; Cisco Adaptive Security Appliance (ASA) Software version 9.41. Description: The Unicast Reverse Path Forwarding (uRPF) implementation in Cisco Adaptive Security Appliance...
SEIL/X Series and SEIL/B1 IPv6 Unicast RPF vulnerability
Overview: SEIL/X Series and SEIL/B1 contain a vulnerability in which IPv6 Unicast Reverse Path Forwarding (RPF) does not properly function in strict mode. SEIL/X Series and SEIL/B1 are routers. SEIL/X Series and SEIL/B1 contain a vulnerability in which IPv6 Unicast Reverse Path Forwarding (RPF) does...
FreeBSD-SA-08:10.nd6
FreeBSD-SA-08:10.nd6 Security Advisory, The FreeBSD Project. Topic: IPv6 Neighbor Discovery Protocol routing vulnerability. Category: core. Module: sysnetinet6. Announced:...