7 matches found
CVE-2026-49129 Music Player Daemon < 0.24.11 SSRF via CurlInputPlugin
Music Player Daemon MPD before version 0.24.11 contains a server-side request forgery vulnerability in CurlInputPlugin where CURLOPTFOLLOWLOCATION is set without CURLOPTREDIRPROTOCOLSSTR, allowing unauthenticated attackers to bypass the http/https scheme restriction by causing a malicious HTTP...
CVE-2025-40570
A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 V10.0, SIPROTEC 5 7ST85 CP300 All versions V10.0, SIPROTEC 5 7ST86 CP300 All versions V10.0, SIPROTEC ...
CVE-2025-40570
A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 V10.0, SIPROTEC 5 7ST85 CP300 All versions V10.0, SIPROTEC 5 7ST86 CP300 All versions V10.0, SIPROTEC ...
Bosch IP cameras Information Disclosure Vulnerability
Bosch IP cameras are network cameras from Bosch, Germany. An information disclosure vulnerability exists in Bosch IP cameras that originates from allowing an unauthenticated attacker to retrieve information about the device itself and the device's network settings. The following products and...
AZL-11046 CVE-2022-35252 affecting package curl for versions less than 7.86.0-1
When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings...
curl 安全漏洞
curl is a tool for transferring data from or to a server. A security vulnerability exists in curl version 7.83.0, which stems from the possibility that the curl command-line tool may mistakenly delete files when --no-clobber is used in conjunction with --remove-on-error. A remote attacker can use...
CVE-2021-23847
A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to extract sensitive information or change settings of the camera by sending crafted requests to the device. Only devices of the CPP6, CPP7 and CPP7.3 family with firmware 7.70, 7.72, and...