Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2026/06/19 9:16 p.m.11 views

Mailpit: Incomplete SSRF protection in Link Check API via IPv6 transition mechanisms

Summary The remediation shipped in mailpit v1.29.2 for GHSA-mpf7-p9x7-96r3 CVE-2026-27808 is incomplete. The tools.IsInternalIP deny-list relies on Go's stdlib classification helpers IsLoopback, IsPrivate, IsLinkLocalUnicast, IsLinkLocalMulticast, IsUnspecified, IsMulticast plus an inline CGNAT...

5.8CVSS6AI score
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/17 9:22 a.m.7 views

kernel: ipv6: use RCU in ip6_xmit()

A use-after-free flaw was found in ip6autoflowlabel in the Linux kernel's net/ipv6/ip6output.c code. In this flaw an attacker can cause a denial of service DoS attack...

5.3AI score0.00197EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.12 views

PT-2026-40612

Improper Input Validation in the NAT64 translator in The OpenThread Authors OpenThread before commit 26a882d on all platforms allows an attacker on the adjacent IPv4 network to inject corrupted IPv6 packets into the Thread mesh or bypass security checks via crafted IPv4 packets with options...

6CVSS5.8AI score0.00162EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/08/21 12:0 a.m.5 views

PT-2023-8524 · D Link · D-Link R15

Name of the Vulnerable Software and Affected Versions: D-Link R15 versions prior to 1.08.02 Description: The issue is related to a lack of firewall restrictions for IPv6 traffic, allowing attackers to access services running on the device that may be listening via IPv6. This can enable unauthoriz...

5.3CVSS5.2AI score0.00492EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2017/11/03 12:0 a.m.3 views

The vulnerability of the DNS server Dnsmasq, caused by overflow in the dynamic memory buffer, allows a hacker to cause a service failure or execute arbitrary code.

The vulnerability of the DNS server Dnsmasq arises from an overflow in the buffer in the dynamic memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to cause service failures or execute arbitrary code using a specially crafted IPv6 request...

9.8CVSS7.8AI score0.93307EPSS
Exploits5References24Affected Software4
Rows per page
Query Builder