24 matches found
Invoking failure to reject ASCII-only Punycode-encoded labels in golang.org/x/net/idna
...
EUVD-2005-0239
Malware in sbrugna...
EUVD-2005-0235
Malware in sbrugna...
EUVD-2023-54262
Malicious code in bioql PyPI...
CVE-2024-54158
In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of Punycode encoding...
CVE-2023-4399
Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts. However, the restriction can be bypassed used punycode encoding of the...
Unspecified Vulnerability in JetBrains YouTrack
JetBrains YouTrack is a project management tool, developed by JetBrains, supporting cloud hosting and local deployment, providing task management, team collaboration, time tracking and other features for software development, human resources and other scenarios. JetBrains YouTrack suffers from a...
The vulnerability of the JetBrains YouTrack project management and task management software, related to incorrect data encoding, allows attackers to perform spear-phishing attacks.
The vulnerability of the JetBrains YouTrack project management tool is related to incorrect Punycode data encoding. Exploiting this vulnerability could allow attackers to perform brute-force attacks remotely...
CVE-2024-54158
In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of Punycode encoding...
CVE-2024-54158
In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of Punycode encoding...
CVE-2024-54158
CVE-2024-54158 is associated with JetBrains YouTrack prior to 2024.3.52635, where a spoofing attack was possible due to missing Punycode encoding. The connected Red Hat, CNVD, CVE lists and Nessus plugin entry corroborate the vulnerability in YouTrack versions before 2024.3.52635. The primary imp...
CVE-2024-54158
In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of Punycode encoding...
JetBrains YouTrack 安全漏洞
JetBrains YouTrack is a project management tool, developed by JetBrains, supporting cloud hosting and local deployment, providing task management, team collaboration, time tracking and other features for software development, human resources and other scenarios. JetBrains YouTrack suffers from a...
SUSE CVE-2023-4399
Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn't call specific hosts. However, the restriction can be bypassed used punycode encoding of the...
The vulnerability of the Grafana monitoring and observation platform, related to deficiencies in access control lists (ACLs), allows attackers to circumvent existing access restrictions.
The vulnerability of the Grafana monitoring and observation platform relates to bypassing a list of restrictions by using punycode encoding in the request URL. Exploiting this vulnerability allows an attacker to circumvent existing access restrictions remotely...
Grafana Enterprise Datasource Network Restrictions Bypass (CVE-2023-4399)
According to its self-reported version number, the version of Grafana Enterprise running on the remote host is a version 9.4.x prior to 9.4.17, 9.5.x prior to 9.5.13, 10.0.x prior to 10.0.9 or 10.1.x prior to 10.1.5. It is, therefore, affected by a restriction bypass vulnerability. In Grafana...
CVE-2023-4399
Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts. However, the restriction can be bypassed used punycode encoding of the...
CVE-2023-4399
Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts. However, the restriction can be bypassed used punycode encoding of the...
CVE-2023-4399
Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts. However, the restriction can be bypassed used punycode encoding of the...
Grafana Security Vulnerabilities
Grafana is Grafana open source set of open source monitoring tools that provide a visual monitoring interface . The tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus. A security vulnerability exists in Grafana Enterprise that stems from a vulnerability that allows an...