Lucene search

21 matches found

Source: OSV (added 2026/06/15 8:42 p.m., 7 views)

MAL-2026-5838 Malicious code in tn-advertisement (npm)

Source: amazon-inspector 1b13ed4147b360eee88a36d9fe649dccbef37cf9019072841e697b88b6e4d3d2. On require, index.js performs an unconditional http.get to a unique subdomain of oastify.com, the Burp Suite Collaborator out-of-band testing domain...

AI score 5.9 · Exploits: 0 · References: 1
Source: EUVD (added 2026/06/11 8:46 p.m., 9 views)

EUVD-2026-36327

Netty is a network application framework for development of protocol servers and clients. In netty-handler prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can bypass IPv6 subnet rules due to an incorrect masking operation in IpSubnetFilterRule.compareTo. Valid public IP addresses ca...

CVSS 8.1 · AI score 5.4 · EPSS 0.00407 · Exploits: 0 · References: 3
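The Netty entry describes an IPv6 subnet rule that could be bypassed because of an incorrect masking operation in IpSubnetFilterRule.compareTo. The block below is an added example, not Netty's code, showing the property a CIDR filter rule has to have: the rule's network address and the candidate address are both reduced to 128-bit integers and masked with the same prefix-derived mask before they are compared, so no high or low bits escape the comparison. Plain JavaScript bitwise operators truncate to 32 bits, so BigInt is used throughout. The rule list and the addresses are constructed for the example; the parser deliberately accepts hex-group notation only (no embedded dotted-quad tail).

```javascript
// Added example: 128-bit IPv6 CIDR matching. Not Netty's IpSubnetFilterRule;
// the rules and addresses below are constructed for the example.

const ALL_ONES_128 = (1n << 128n) - 1n;

// Expand "::" compression and return the address as a 128-bit BigInt.
// Accepts hex-group notation only (no embedded dotted-quad tail).
function parseIPv6(text) {
  const halves = text.split('::');
  if (halves.length > 2) throw new Error(`invalid IPv6 literal: ${text}`);
  const head = halves[0] ? halves[0].split(':') : [];
  const tail = halves.length === 2 && halves[1] ? halves[1].split(':') : [];
  const missing = 8 - head.length - tail.length;
  if (missing < 0 || (halves.length === 1 && missing !== 0)) {
    throw new Error(`invalid IPv6 literal: ${text}`);
  }
  const groups = [...head, ...Array(missing).fill('0'), ...tail];
  let value = 0n;
  for (const group of groups) {
    if (!/^[0-9a-fA-F]{1,4}$/.test(group)) throw new Error(`bad group "${group}" in ${text}`);
    value = (value << 16n) | BigInt(parseInt(group, 16));
  }
  return value;
}

// Mask with the top `prefixLength` bits set, over the full 128-bit width.
function prefixMask(prefixLength) {
  if (!Number.isInteger(prefixLength) || prefixLength < 0 || prefixLength > 128) {
    throw new RangeError(`prefix length out of range: ${prefixLength}`);
  }
  return (ALL_ONES_128 << BigInt(128 - prefixLength)) & ALL_ONES_128;
}

// The check a subnet filter rule must implement: apply the SAME mask to the
// rule's network and to the candidate, then compare the masked values.
function ipv6InSubnet(address, cidr) {
  const [network, len] = cidr.split('/');
  const mask = prefixMask(Number(len));
  return (parseIPv6(address) & mask) === (parseIPv6(network) & mask);
}

// Constructed reject list in the style of a filter rule set: loopback,
// unique-local, link-local and IPv4-mapped addresses.
const REJECT_RULES = ['::1/128', 'fc00::/7', 'fe80::/10', '::ffff:0:0/96'];

function isRejected(address) {
  return REJECT_RULES.some((cidr) => ipv6InSubnet(address, cidr));
}

// Uncompressed form of a parsed address, useful for logging what was matched.
function formatIPv6(value) {
  const groups = [];
  for (let i = 7; i >= 0; i--) groups.push(((value >> BigInt(i * 16)) & 0xffffn).toString(16));
  return groups.join(':');
}
```

The two things to keep from this when reviewing a filter implementation: the mask is derived from the prefix length once and applied to both sides of the comparison, and the arithmetic covers all 128 bits rather than the 32 bits that native integer operators offer.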
Source: Cvelist (added 2026/06/04 9:26 a.m., 38 views)

CVE-2026-50224 Unauthenticated IPv6 WAN Management Exposure

The web administration panel binds to every IPv6 address ([::]:8080, shown by the socket layer as :::8080) without default firewall limits, making internal API endpoints reachable over the WAN...

CVSS 6.9 · EPSS 0.00234 · Exploits: 0 · References: 1
Source: OSSF Malicious Packages (added 2026/04/29 2:00 p.m., 6 views)

Malicious code in @omni-corp-infra/sso-bridge-core (npm)

Dependency confusion and typosquatting campaign by the threat actor "saif777". Packages use inflated version numbers (9999.9999.9999, 9999.9999.10000, 50.50.50, 7.66.5) to win version resolution in environments with private registries. All active packages execute a postinstall hook, "node index.js", that...

AI score 5.9 · Exploits: 0 · References: 1
Source: OSSF Malicious Packages (added 2026/04/29 2:00 p.m., 7 views)

Malicious code in @enterprise-core/auth-gateway-bridge (npm)

Dependency confusion and typosquatting campaign by the threat actor "saif777". Packages use inflated version numbers (9999.9999.9999, 9999.9999.10000, 50.50.50, 7.66.5) to win version resolution in environments with private registries. All active packages execute a postinstall hook, "node index.js", that...

AI score 5.9 · Exploits: 0 · References: 1
Source: EUVD (added 2025/10/07 12:30 a.m., 11 views)

EUVD-2020-6445

Malware in sbrugna...

CVSS 5.7 · AI score 5.7 · EPSS 0.01309 · Exploits: 1 · References: 5
Source: EUVD (added 2025/10/03 8:07 p.m., 14 views)

EUVD-2025-29356

Malicious code in bioql PyPI...

CVSS 3.2 · AI score 6.3 · EPSS 0.00115 · Exploits: 0 · References: 3
Source: Snyk (added 2025/09/16 2:44 a.m., 1 view)

Server-side Request Forgery (SSRF)

Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the ip.isPublic and ip.isPrivate functions. An attacker can interact with internal network resources by supplying a specially crafted IP address, such as the null route "0", that is being incorrectly...

CVSS 10 · AI score 6.9 · EPSS 0.08279 · Exploits: 0 · References: 2
Source: CVE (added 2025/09/16 12:00 a.m., 26 views)

CVE-2025-59436

The CVE-2025-59436 entry concerns the npm package ip (node-ip) up to version 2.0.1, where an SSRF vulnerability can be triggered because the IP value 017700000001 (an octal spelling of 127.0.0.1) is misclassified as globally routable by isPublic. This follows an incomplete fix for CVE-2024-29415. The base score is 3.2 (LOW) with...

CVSS 3.2 · AI score 6.6 · EPSS 0.00115 · Exploits: 0 · References: 2
Source: Positive Technologies (added 2025/09/16 12:00 a.m., 3 views)

PT-2025-37863

Name of the Vulnerable Software and Affected Versions: ip (aka node-ip) versions through 2.0.1. Description: The ip (aka node-ip) package may allow Server-Side Request Forgery (SSRF) due to the improper categorization of the IP address value 017700000001 as globally routable via the isPublic function. Thi...

CVSS 3.2 · AI score 6.6 · EPSS 0.00115 · Exploits: 0 · References: 6
Source: OSSF Malicious Packages (added 2024/06/25 1:38 p.m., 5 views)

Malicious code in public-address-generator (PyPI)

...

AI score 7 · Exploits: 0 · References: 1
Source: OSV (added 2024/06/25 1:38 p.m., 11 views)

MAL-2024-5574 Malicious code in public-address-generator (PyPI)

...

AI score 7.1 · Exploits: 0 · References: 1
Source: OSV (added 2024/02/08 5:15 p.m., 5 views)

AZL-34379 CVE-2023-42282 affecting package nodejs for versions less than 16.20.2-3

The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses, such as 0x7f.1 (a hexadecimal shorthand for 127.0.0.1), are improperly categorized as globally routable via isPublic...

CVSS 9.8 · AI score 6.8 · EPSS 0.01613 · Exploits: 1 · References: 1
Source: Positive Technologies (added 2024/02/08 12:00 a.m., 3 views)

PT-2024-2322

Name of the Vulnerable Software and Affected Versions: ip package versions prior to 1.1.9. Description: The issue is related to the improper categorization of certain IP addresses as globally routable via the isPublic function. This can lead to security issues such as Server-Side Request Forgery SSR...

CVSS 10 · AI score 7.4 · EPSS 0.01613 · Exploits: 1 · References: 43
Source: OSV (added 2022/07/29 4:15 p.m., 2 views)

CVE-2022-27873

An attacker can force the victim’s device to perform arbitrary HTTP requests to the WAN through a malicious SVG file parsed by Autodesk Fusion 360’s document parser. The vulnerability exists in the application’s ‘Insert SVG’ procedure. An attacker can also leverage this vulnerability to obtain...

CVSS 7.8 · AI score 5.9 · EPSS 0.00199 · Exploits: 0 · References: 1
Source: RedHat Linux (added 2022/03/23 10:11 p.m., 8 views)

openstack-tripleo-heat-templates: data leak of internal URL through keystone_authtoken

An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the www_authenticate_uri parameter of the keystone_authtoken section, which is visible to all end users in configuration files. This would give sensitive...

CVSS 4.3 · AI score 5.8 · EPSS 0.00754 · Exploits: 0 · References: 4
Source: Prion (added 2018/06/13 3:29 p.m., 13 views)

Race condition

The private_address_check Ruby gem before 0.5.0 is vulnerable to a time-of-check/time-of-use (TOCTOU) race condition because the address the socket actually uses is not checked. DNS entries with a TTL of 0 can trigger this case, where the initial resolution is a public address but the subsequent resolution is a...

CVSS 4.3 · AI score 4.1 · EPSS 0.00691 · Exploits: 0 · References: 1 · Affected software: 1
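The node-ip entries above (CVE-2023-42282, CVE-2025-59436, PT-2024-2322, PT-2025-37863 and the Snyk SSRF entry) and the private_address_check entry share a root cause: the public/private decision is made on the wrong object. node-ip classified the string as written, so spellings that the URL and socket layers accept as 127.0.0.1 (octal 017700000001, hex-plus-short-form 0x7f.1, the single number 2130706433) or as 0.0.0.0 (the null route "0") slipped past the check; private_address_check classified the first DNS answer and then connected on a second one. The block below is an added example, not the code of either project. It canonicalizes an IPv4 literal with the number rules the WHATWG URL parser applies (hex and octal parts, one to four parts, the last part filling the remaining bytes), classifies the canonical form against a constructed list of non-public ranges, and then shows the check-then-connect race with a constructed, synchronous stand-in for DNS whose answer flips from a public address to loopback on the second query, beside the pinned form that resolves once and connects to the address it checked. The hostnames, addresses and range list are constructed; the `lookup` option mentioned in a comment is Node's http.request option.

```javascript
// Added example: canonicalize-then-classify for IPv4 literals, plus DNS pinning.
// Not node-ip or private_address_check code; the ranges, hosts and addresses
// below are constructed for the example.

// WHATWG URL IPv4-number rules: "0x"/"0X" prefix means hex, a leading "0" on a
// longer part means octal, anything else is decimal. Returns null on a bad part.
function parseIPv4Number(part) {
  if (part === '') return null;
  let radix = 10;
  if (/^0[xX]/.test(part)) { radix = 16; part = part.slice(2); }
  else if (part.length > 1 && part[0] === '0') { radix = 8; part = part.slice(1); }
  if (part === '') return 0;                       // "0x" alone is zero
  const digits = { 10: /^[0-9]+$/, 16: /^[0-9a-fA-F]+$/, 8: /^[0-7]+$/ }[radix];
  return digits.test(part) ? parseInt(part, radix) : null;
}

// Canonical dotted-quad form of an IPv4 literal, or null if `text` is not one.
// One to four parts; every part but the last is one octet, the last part fills
// the remaining bytes (so "0x7f.1" is 127.0.0.1 and so is "2130706433").
function canonicalIPv4(text) {
  const parts = text.split('.');
  if (parts.length > 1 && parts[parts.length - 1] === '') parts.pop(); // trailing dot
  if (parts.length < 1 || parts.length > 4) return null;
  const numbers = parts.map(parseIPv4Number);
  if (numbers.some((n) => n === null)) return null;
  for (let i = 0; i < numbers.length - 1; i++) if (numbers[i] > 255) return null;
  const last = numbers[numbers.length - 1];
  if (last >= 256 ** (5 - numbers.length)) return null;
  let value = last;
  for (let i = 0; i < numbers.length - 1; i++) value += numbers[i] * 256 ** (3 - i);
  return [24, 16, 8, 0].map((shift) => (value >>> shift) & 255).join('.');
}

// Constructed list of non-public IPv4 ranges: "this network", RFC 1918, CGNAT,
// loopback, link-local, IETF protocol assignments, benchmarking, multicast, reserved.
const NON_PUBLIC_V4 = [
  '0.0.0.0/8', '10.0.0.0/8', '100.64.0.0/10', '127.0.0.0/8', '169.254.0.0/16',
  '172.16.0.0/12', '192.0.0.0/24', '192.168.0.0/16', '198.18.0.0/15',
  '224.0.0.0/4', '240.0.0.0/4',
];

function ipv4ToInt(dotted) {
  return dotted.split('.').reduce((acc, octet) => acc * 256 + Number(octet), 0);
}

function inCidrV4(dotted, cidr) {
  const [network, len] = cidr.split('/');
  const mask = len === '0' ? 0 : (0xffffffff << (32 - Number(len))) >>> 0;
  return ((ipv4ToInt(dotted) & mask) >>> 0) === ((ipv4ToInt(network) & mask) >>> 0);
}

// true = public, false = non-public, null = not an IPv4 literal at all.
// Callers must only proceed on an explicit true.
function isPublicIPv4(text) {
  const canonical = canonicalIPv4(text);
  if (canonical === null) return null;
  return !NON_PUBLIC_V4.some((cidr) => inCidrV4(canonical, cidr));
}

// Constructed, synchronous stand-in for dns.lookup: "rebind.example" answers
// with a public address once, then with loopback (a TTL-0 rebinding answer).
function makeFlippingResolver() {
  let calls = 0;
  return (hostname) => {
    if (hostname !== 'rebind.example') return '93.184.216.34';   // constructed
    calls += 1;
    return calls === 1 ? '93.184.216.34' : '127.0.0.1';
  };
}

// Vulnerable shape: the address that is checked is not the one connected to,
// because the client library resolves the name again when it opens the socket.
function naiveFetchTarget(hostname, resolve, connect) {
  if (isPublicIPv4(resolve(hostname)) !== true) throw new Error(`blocked: ${hostname}`);
  return connect(resolve(hostname));
}

// Hardened shape: resolve once, classify that address, connect to exactly it.
// With http.request this is done by passing
//   lookup: (host, opts, cb) => cb(null, address, 4)
// so the socket never performs its own lookup; Host and SNI keep the hostname.
function pinnedFetchTarget(hostname, resolve, connect) {
  const address = resolve(hostname);
  if (isPublicIPv4(address) !== true) throw new Error(`blocked: ${hostname}`);
  return connect(address);
}
```

isPublicIPv4 returns null for anything that is not an IPv4 literal; a caller that treats null as "public" reintroduces the bug, so the request path proceeds only on an explicit true. In a real client, pinning means handing the checked address to the socket (with http.request, the lookup option receives (hostname, options, callback) and can answer with the pinned address) while the original hostname stays in the Host header and TLS SNI. IPv6 and IPv4-mapped IPv6 forms are outside the scope of this block.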
Source: exploitpack (added 2016/02/25 12:00 a.m., 147 views)

IBM Lotus Domino R8 - Password Hash Extraction

Exploit Title: IBM Lotus Domino <= R8 Password Hash Extraction Exploit. Google Dork: inurl:names.nsf?opendatabase. Date: 02-24-2016. Exploit Author: Jonathan Broche. Contact: https://twitter.com/g0jhonny. Vendor Homepage:...

CVSS 5 · AI score 0.4 · EPSS 0.73635
Exploits10
Source: 0day.today (added 2016/02/25 12:00 a.m., 140 views)

IBM Lotus Domino R8 - Password Hash Extraction Exploit

Exploit for the Windows platform, category: web applications. Exploit Title: IBM Lotus Domino <= R8 Password Hash Extraction Exploit. Google Dork: inurl:names.nsf?opendatabase. Date: 02-24-2016. Exploit Author: Jonathan Broche. Contact: https://twitter.com/g0jhonny. Vendor Homepage:...

CVSS 5 · AI score 6.4 · EPSS 0.73635
Exploits10
Source: Exploit DB (added 2016/02/25 12:00 a.m., 134 views)

IBM Lotus Domino R8 - Password Hash Extraction

Exploit Title: IBM Lotus Domino <= R8 Password Hash Extraction Exploit. Google Dork: inurl:names.nsf?opendatabase. Date: 02-24-2016. Exploit Author: Jonathan Broche. Contact: https://twitter.com/g0jhonny. Vendor Homepage: https://www-01.ibm.com/software/lotus/category/messaging/. Tested on: Lotus Domino...

CVSS 5 · AI score 6.4 · EPSS 0.73635
Exploits10