22 matches found
Invoking failure to reject ASCII-only Punycode-encoded labels in golang.org/x/net/idna
...
EUVD-2005-0235
Malware in sbrugna...
EUVD-2005-0239
Malware in sbrugna...
EUVD-2023-54262
Malicious code in bioql PyPI...
CVE-2024-54158
In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of Punycode encoding...
CVE-2023-4399
Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts. However, the restriction can be bypassed used punycode encoding of the...
Unspecified Vulnerability in JetBrains YouTrack
JetBrains YouTrack is a project management tool, developed by JetBrains, supporting cloud hosting and local deployment, providing task management, team collaboration, time tracking and other features for software development, human resources and other scenarios. JetBrains YouTrack suffers from a...
CVE-2024-54158
In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of Punycode encoding...
CVE-2024-54158
In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of Punycode encoding...
CVE-2024-54158
CVE-2024-54158 is associated with JetBrains YouTrack prior to 2024.3.52635, where a spoofing attack was possible due to missing Punycode encoding. The connected Red Hat, CNVD, CVE lists and Nessus plugin entry corroborate the vulnerability in YouTrack versions before 2024.3.52635. The primary imp...
CVE-2024-54158
In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of Punycode encoding...
JetBrains YouTrack 安全漏洞
JetBrains YouTrack is a project management tool, developed by JetBrains, supporting cloud hosting and local deployment, providing task management, team collaboration, time tracking and other features for software development, human resources and other scenarios. JetBrains YouTrack suffers from a...
SUSE CVE-2023-4399
Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn't call specific hosts. However, the restriction can be bypassed used punycode encoding of the...
Grafana Enterprise Datasource Network Restrictions Bypass (CVE-2023-4399)
According to its self-reported version number, the version of Grafana Enterprise running on the remote host is a version 9.4.x prior to 9.4.17, 9.5.x prior to 9.5.13, 10.0.x prior to 10.0.9 or 10.1.x prior to 10.1.5. It is, therefore, affected by a restriction bypass vulnerability. In Grafana...
CVE-2023-4399
Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts. However, the restriction can be bypassed used punycode encoding of the...
CVE-2023-4399
Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts. However, the restriction can be bypassed used punycode encoding of the...
CVE-2023-4399
Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts. However, the restriction can be bypassed used punycode encoding of the...
Grafana Security Vulnerabilities
Grafana is Grafana open source set of open source monitoring tools that provide a visual monitoring interface . The tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus. A security vulnerability exists in Grafana Enterprise that stems from a vulnerability that allows an...
Grafana datasource network restrictions bypass
Grafana is an open-source platform for monitoring and observability. In Grafana, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts. However, the restriction can be bypassed used punycode encoding of the characters in...
CVE-2005-0237
The International Domain Name IDN support in Konqueror 3.2.1 on KDE 3.2.1 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing...