Lucene search
K

5 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/24 7:41 p.m.5 views

CVE-2026-47389

Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17, and 4.3.23, when using Ruby versions older than 3.4, PrivateAddressCheck.privateaddress? returns false for IPv4-mapped IPv6 addresses ::ffff:a.b.c.d corresponding to some private IPv4 addresses,...

8.6CVSS5.9AI score0.00232EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:0 p.m.4 views

CVE-2026-33039

WWBN AVideo is an open source video platform. In versions 25.0 and below, the plugin/LiveLinks/proxy.php endpoint validates user-supplied URLs against internal/private networks using isSSRFSafeURL, but only checks the initial URL. When the initial URL responds with an HTTP redirect Location heade...

8.6CVSS5.8AI score0.00453EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2024/04/02 8:57 p.m.5 views

bind9: Querying RFC 1918 reverse zones may cause an assertion failure when “nxdomain-redirect” is enabled

A flaw was found in the bind package which may result in a Denial of Service in named process. This is a result of a reachable assertion, leading named to prematurely terminate when both conditions are met: nxdomain-redirect for the queried domain is configured and the resolver receives a PTR...

7.5CVSS5.7AI score0.01231EPSS
Exploits0References5
OSV
OSV
added 2024/02/13 12:0 a.m.11 views

UBUNTU-CVE-2023-5517

A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...

7.5CVSS7.2AI score0.01231EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/07/07 12:0 a.m.5 views

PT-2023-25865 · Microsoft +3 · Azure +3

Name of the Vulnerable Software and Affected Versions: OpenComputers versions 1.2.0 through 1.8.3 Description: This issue affects OpenComputers with the Internet Card feature enabled, allowing players to gain access to sensitive information exposed via metadata services' API endpoints, such as...

9.6CVSS8.5AI score0.00786EPSS
Exploits0References9
Rows per page
Query Builder