PT-2026-25782

Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a stored cross-site scripting vulnerability that allows authenticated attackers to inject arbitrary JavaScript by manipulating the Device Location field. Attackers can inject malicious scripts through the System Status interface that...

CVE-2021-21382

Restund is an open source NAT traversal server. The restund TURN server can be instructed to open a relay to the loopback address range. This allows you to reach any other service running on localhost which you might consider private. In the configuration that we ship...

CVE-2018-16216

A command injection missing input validation, escaping in the monitoring or memory status web interface in AudioCodes 405HD firmware 2.2.12 VoIP phone allows an authenticated remote attacker in the same network as the device to trigger OS commands like starting telnetd or opening a reverse shell...

PT-2023-31143 · Unknown · Uptime Kuma

Name of the Vulnerable Software and Affected Versions: Uptime Kuma versions prior to 1.23.7 Description: The Google Analytics element in Uptime Kuma is vulnerable to Attribute Injection, leading to Cross-Site-Scripting XSS attacks. This occurs because the custom status interface can set an...

CVE-2021-21382

Restund is an open source NAT traversal server. The restund TURN server can be instructed to open a relay to the loopback address range. This allows you to reach any other service running on localhost which you might consider private. In the configuration that we ship...

Design/Logic Flaw

Restund is an open source NAT traversal server. The restund TURN server can be instructed to open a relay to the loopback address range. This allows you to reach any other service running on localhost which you might consider private. In the configuration that we ship...

CVE-2021-21382 Unsafe loopback forwarding interface in Restund

Restund is an open source NAT traversal server. The restund TURN server can be instructed to open a relay to the loopback address range. This allows you to reach any other service running on localhost which you might consider private. In the configuration that we ship...

PT-2021-4479 · Restund · Restund

Name of the Vulnerable Software and Affected Versions: Restund affected versions not specified Description: The issue is related to the Restund TURN server, which can be instructed to open a relay to the loopback address range, potentially exposing private services running on localhost. An attack...

ALPINE-CVE-2021-20215

A flaw was found in Privoxy in versions before 3.0.29. Memory leaks in the show-status CGI handler when memory allocations fail can lead to a system crash...

UBUNTU-CVE-2021-20215

A flaw was found in Privoxy in versions before 3.0.29. Memory leaks in the show-status CGI handler when memory allocations fail can lead to a system crash...

UBUNTU-CVE-2021-20209

A memory leak vulnerability was found in Privoxy before 3.0.29 in the show-status CGI handler when no action files are configured...

PT-2021-13846 · Privoxy +3 · Privoxy +3

Name of the Vulnerable Software and Affected Versions: Privoxy versions prior to 3.0.29 Description: A flaw in Privoxy can cause memory leaks in the show-status CGI handler when memory allocations fail, potentially leading to a system crash. Recommendations: For versions prior to 3.0.29, update t...