CVE-2019-17636

In Eclipse Theia versions 0.3.9 through 0.15.0, one of the default pre-packaged Theia extensions is "Mini-Browser", published as "@theia/mini-browser" on npmjs.com. This extension, for its own needs, exposes a HTTP endpoint that allows to read the content of files on the host's filesystem, given...

CVE-2025-31490

AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to 0.6.1, AutoGPT allows SSRF due to DNS Rebinding in requests wrapper. AutoGPT is built with a wrapper around Python's requests library, hardenin...

Linux Distros Unpatched Vulnerability : CVE-2016-9014

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding...

Ollama < 0.1.29 DNS Rebinding

According to the self-reported version in its response header, the version of Ollama hosted on the remote web server is 0.1.29. It is, therefore, affected by a DNS Rebinding. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported versi...

CVE-2024-53275

Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. In 1.15.0 and earlier, the default setup of home-gallery is vulnerable to DNS rebinding. Home-gallery is set up without TLS and user authentication by default, leaving it vulnerable to DNS rebinding. I...

CVE-2024-53275 GHSL-2024-091: DNS rebinding attack in home-gallery

Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. In 1.15.0 and earlier, the default setup of home-gallery is vulnerable to DNS rebinding. Home-gallery is set up without TLS and user authentication by default, leaving it vulnerable to DNS rebinding. I...

CVE-2024-53275 GHSL-2024-091: DNS rebinding attack in home-gallery

Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. In 1.15.0 and earlier, the default setup of home-gallery is vulnerable to DNS rebinding. Home-gallery is set up without TLS and user authentication by default, leaving it vulnerable to DNS rebinding. I...

CVE-2024-53275

Home-Gallery.org (versions 1.15.0 and earlier) is vulnerable to DNS rebinding due to default exposure without TLS or authentication. An attacker can lure a user to a malicious site, then switch DNS to point to the internal Home-Gallery host and read the web server’s responses, potentially exfiltr...

BIT-NODE-MIN-2021-22884

Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DN...

CentOS 6 : thunderbird (RHSA-2020:5238)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:5238 advisory. - Side-channel information leakage in graphics in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to leak cross-origin data via a crafted...

PT-2024-27017 · Apache · Apache Allura

Name of the Vulnerable Software and Affected Versions: Apache Allura versions 1.0.1 through 1.16.0 Description: The import functionality is vulnerable to DNS rebinding attacks between verification and processing of the URL. Project administrators can run these imports, which could cause Allura to...

WordPress TablePress plugin <= 2.3 - Authenticated (Author+) Server-Side Request Forgery via DNS Rebind vulnerability

Authenticated Author+ Server-Side Request Forgery via DNS Rebind vulnerability discovered by Tobias Weißhaar kun19 in WordPress Plugin TablePress versions = 2.3.1...

The vulnerability of Ollama’s system for running and managing large language models (LLMs) lies in its reliance on reverse DNS resolution for IP addresses. This allows attackers to perform DNS Rebinding attacks or cause service failures.

The vulnerability of Ollama’s system for running and managing large language models is related to the use of reverse DNS resolution for IP addresses. Exploiting this vulnerability could allow a remote attacker to perform a DNS Rebinding attack or cause a service failure...

CVE-2023-52235

SpaceX Starlink Wi-Fi router GEN 2 before 2023.53.0 and Starlink Dish before 07dd2798-ff15-4722-a9ee-de28928aed34 allow CSRF e.g., for a reboot via a DNS Rebinding attack...

Server-Side Request Forgery (SSRF)

Label Studio is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to faulty SSRF validation which executes a single DNS lookup to verify that the IP address is not in an excluded subnet range. This protection can be bypassed by either using HTTP redirection or performing a...

PYSEC-2024-127

Label Studio is a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to 1.11.0 and was tested on version 1.8.2. Label Studio's SSRF protections that can be enabled by setting the SSRFPROTECTIONENABLED environment variable can be bypassed to access...

CVE-2023-47116 Label Studio SSRF on Import Bypassing `SSRF_PROTECTION_ENABLED` Protections

Label Studio is a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to 1.11.0 and was tested on version 1.8.2. Label Studio's SSRF protections that can be enabled by setting the SSRFPROTECTIONENABLED environment variable can be bypassed to access...

Ubuntu 16.04 ESM / 18.04 ESM : Node.js vulnerabilities (USN-4796-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4796-1 advisory. Alexander Minozhenko and James Bunton discovered that Node.js did not properly handle wildcards in name fields of X.509 TLS certificates. An...

CVE-2023-26492 Directus vulnerable to Server-Side Request Forgery On File Import

Directus is a real-time API and App dashboard for managing SQL database content. Directus is vulnerable to Server-Side Request Forgery SSRF when importing a file from a remote web server POST to /files/import. An attacker can bypass the security controls by performing a DNS rebinding attack and...

ALPINE-CVE-2022-43548

A OS Command Injection vulnerability exists in Node.js versions 14.21.1, 16.18.1, 18.12.1, 19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.Th...