CVE-2026-8993 Improper URL Handler Processing in D.Launcher 2 enables NTLM Credential Disclosure and SSRF attacks

D.Launcher 2 component of Slovak eID client ecosystem contains Improper URL Handler Processing vulnerability. Application registers multiple custom URL handlers that could be exploited to initiate full NTLM autentication or SMB connection to attacker infrastructure and to conduct SSRF Server Side...

CVE-2018-12678

Portainer before 1.18.0 supports unauthenticated requests to the websocket endpoint with an unvalidated id query parameter for the /websocket/exec endpoint, which allows remote attackers to bypass intended access restrictions or conduct SSRF attacks...

CVE-2021-33510

Plone through 5.2.4 allows remote authenticated managers to conduct SSRF attacks via an event ical URL, to read one line of a file...

CVE-2021-22970

Concrete CMS formerly concrete5 versions 8.5.6 and below and version 9.0.0 allow local IP importing causing the system to be vulnerable toa. SSRF attacks on the private LAN servers by reading files from the local LAN. An attacker can pivot in the private LAN and exploit local network appsandb. SS...

EUVD-2020-18456

Malware in sbrugna...

EUVD-2021-0751

Malware in sbrugna...

EUVD-2021-2351

Malware in sbrugna...

EUVD-2017-3078

Malware in sbrugna...

EUVD-2019-13810

Malware in sbrugna...

EUVD-2017-16520

Malware in sbrugna...

EUVD-2016-4672

Malware in sbrugna...

EUVD-2017-7359

Malware in sbrugna...

EUVD-2017-14622

Malware in sbrugna...

EUVD-2016-3306

Malware in sbrugna...

EUVD-2015-3665

Malware in sbrugna...

EUVD-2020-28899

Malware in sbrugna...

EUVD-2014-9129

Malware in sbrugna...

EUVD-2020-0141

Malware in sbrugna...

EUVD-2016-5312

Malware in sbrugna...

EUVD-2016-6902

Malware in sbrugna...