13 matches found
CVE-2026-44971 GuardDog: Blind GitHub URL rewrite in remote project scanning causes SSRF and `GH_TOKEN` exfiltration
GuardDog is a CLI tool to identify malicious PyPI packages. From 1.0.0 to 2.9.0, the programmatic remote project scanning path rewrites attacker-controlled repository URLs using a blind string replacement and then sends the caller's GitHub credentials with the resulting request. This allows an...
GuardDog Security Vulnerability
GuardDog is an open-source CLI tool developed by GuardDog, which allows for the identification of malicious PyPI packages. Versions 1.0.0 to 2.9.0 of GuardDog contain security vulnerabilities. These vulnerabilities stem from the use of blind strings in the programmatic remote project scanning...
EUVD-2007-3114
Malware in sbrugna...
SonicWall HTTP Login Scanner
This module adds HTTP Login scanning for SonicWall NSv. It allows scanning both admin and user accounts. Module Options msf use auxiliary/scanner/sonicwall/loginscanner msf auxiliaryloginscanner show actions ...actions... msf auxiliaryloginscanner set ACTION msf auxiliaryloginscanner show options...
CVE-2025-27669
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Remote Network Scanning (XSPA)/DoS OVE-20230524-0013...
Vasion Print Resource Management Error Vulnerability
Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. A security vulnerability exists in Vasion Print versions prior to 22.0.843 and Application 20.0.1923 that stems from allowing remote network scanning and denial of service attacks...
Micro Focus Fortify ScanCentral DAST Security Vulnerability
Micro Focus Fortify ScanCentral DAST is a Fortify hosted remote scanning application from Micro Focus UK. A security vulnerability exists in Micro Focus Fortify ScanCentral DAST that stems from incorrect privilege assignment. An attacker could exploit the vulnerability to elevate privileges. The...
Kube-Hunter - Hunt For Security Weaknesses In Kubernetes Clusters
Kube-hunter hunts for security weaknesses in Kubernetes clusters. The tool was developed to increase awareness and visibility for security issues in Kubernetes environments. You should NOT run kube-hunter on a Kubernetes cluster you don't own! Run kube-hunter : kube-hunter is available as a...
[SpiderFoot v2.0] The Open Source Footprinting tool
SpiderFoot is a free, open-source footprinting tool, enabling you to perform various scans against a given domain name in order to obtain information such as sub-domains, e-mail addresses, owned netblocks, web server versions and so on. The main objective of SpiderFoot is to automate the...
SAP NetWeaver - Unauthorized logon page
Application: SAP NetWeaver Versions Affected: 7.00 7.0014.20050509144048.0000 Vendor URL: http://www.sap.com Bugs: Missing Authorization Check Exploits: NO Reported: 20.08.2010 Vendor response: 23.08.2010 Date of Public Advisory: 12.02.2014 Reference: SAP Security Note 1860923 Author: Alexander...
RHEL 2.1 : sane-backends (RHSA-2003:285)
Updated SANE packages that resolve a number of vulnerabilities with the saned daemon are now available. SANE is a package for using document scanners. Sane includes a daemon program called saned that enables a single machine connected to a scanner to be used remotely. This program contains severa...
IP ID could allow to scan a masquerade network.
Hello, I was working on a new implementation of the IPID scan, also known as idle scan in the nmap man page, or pixie-scan as I call it. During my test I think I discovered a new way to use this type of scan: Synopsis ------------- Using the gateway of a masquerade network as a witness relay host f...