Server-Side Request Forgery (SSRF)

Dragonfly is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to improper validation of user-supplied URLs in the Manager API and peer communication, which allows an attacker to force internal components to send requests to arbitrary or internal services, potentially...

CVE-2023-21669

Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address...

PT-2025-22278

Name of the Vulnerable Software and Affected Versions vLLM versions 0.6.5 through 0.8.4 Description vLLM, an inference and serving engine for large language models LLMs, contains a remote code execution issue. This impacts environments utilizing the PyNcclPipe KV cache transfer integration with t...

CVE-2024-23688

Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session. which should ideally be unique for every message. The node's private key isn't compromised, only the session key generated for specific peer communication is exposed...

openSUSE Security Update : transmission (openSUSE-SU-2014:0980-1)

transmission was updated to fix a peer communication vulnerability no known exploits. bnc887079, CVE-2014-4909. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-484. The text...

Kelihos P2P Botnet Leveraging Composite Blocking Lists

Kelihos, the peer-to-peer botnet with nine lives, keeps popping up with new capabilities that enable it to sustain itself and make money for its keepers by pushing spam, harvesting credentials and even stealing Bitcoins. According to a number of sources, Kelihos is now leveraging legitimate and...

Waledac: March, 2010

Though not nearly as large or important a botnet, Waledac – which counted fewer than 100,000 infected hosts at its height – was notable for the tactics that researchers used to dismantle the botnet. Microsoft worked with a group of researchers at the University of Mannheim, the University of Vien...

Waledac Botnet Now Completely Crippled, Experts Say

After Microsoft’s actions to take down the Waledac botnet last month, there was some question about whether the operation was much more than a grab for headlines that would have little effect on actual spam levels or malware infections. But more than three weeks after the takedown, researchers sa...

p2p-conficker NSE Script

Checks if a host is infected with Conficker.C or higher, based on Conficker's peer to peer communication. When Conficker.C or higher infects a system, it opens four ports: two TCP and two UDP. The ports are random, but are seeded with the current week and the IP of the infected host. By determini...