Lucene search
K

17 matches found

NVD
NVD
added 2026/06/23 4:17 p.m.14 views

CVE-2026-55568

Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, in certain configurations, traffic expected to be protected by TLS on the hop to the proxy is transmitted in cleartext. Proxy authentication credentials the Proxy-Authorization header, proxy userinfo in the proxy URL, or CURLOPTPROXYUSERPW...

5.9CVSS0.00106EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 8 : NetworkManager-1.40.16-18.el8_10.ML.1 (AXSA:2025-9552:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9552:02 advisory. Security and Bug Fixes: NetworkManager: DHCP routing options can manipulate interface-based VPN traffic CVE-2024-3661 Route to VPN server not stored in routi...

7.6CVSS5.8AI score0.04063EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-17883

Malware in sbrugna...

7.5CVSS7.3AI score0.01473EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2023-40616

Malicious code in bioql PyPI...

7.3CVSS7.4AI score0.00622EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.7 views

TencentOS Server 3: Bug fix of NetworkManager (Moderate) (TSSA-2025:0044)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0044 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

7.6CVSS7.4AI score0.04063EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 7:40 p.m.7 views

CVE-2021-30966

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. User traffic might unexpectedly be leaked to a proxy server despite PAC configurations...

7.5CVSS5.6AI score0.01473EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.12 views

Alibaba Cloud Linux 3 : 0008: NetworkManager (ALINUX3-SA-2025:0008)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0008 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-3661: DHCP can add routes to a clients...

7.6CVSS7.4AI score0.04063EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/09/17 12:0 a.m.4 views

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS version 13.7, which originates from network traffic that may leak outside of a VPN tunnel...

7.5CVSS6.3AI score0.00784EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/09/16 12:0 a.m.2 views

PT-2024-31000 · Apple · Visionos +6

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.7 iOS versions prior to 17.7 iPadOS versions prior to 17.7 visionOS versions prior to 2 macOS Sonoma versions prior to 14.7 macOS Sequoia versions prior to 15 Description: A logic issue was addressed with improved...

7.5CVSS5.8AI score0.00784EPSS
Exploits0References12
Opera Security Advisories
Opera Security Advisories
added 2024/06/12 12:0 a.m.10 views

Does the TunnelVision vulnerability affect Opera’s free VPN?

Privacy Does the TunnelVision vulnerability affect Opera’s free VPN? Share June 12th, 2024 Hello! You may have heard recently about a new type of vulnerability called TunnelVision that makes it possible for a malicious actor to bypass VPN protection. So you will be happy to know that Opera’s free...

8.8CVSS6.8AI score0.05036EPSS
Exploits4References1
Palo Alto Networks
Palo Alto Networks
added 2024/05/16 4:0 p.m.98 views

Impact of TunnelVision Vulnerability

The Palo Alto Networks Product Security Assurance team has evaluated the TunnelVision vulnerability as it relates to our products. This issue allows an attacker with the ability to send DHCP messages on the same local area network, such as a rogue Wi-Fi network, to leak traffic outside of the...

7.6CVSS7AI score0.04063EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/05/06 6:31 p.m.25 views

CVE-2024-3661 DHCP routing options can manipulate interface-based VPN traffic

DHCP can add routes to a client’s routing table via the classless static route option 121. VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify...

7.6CVSS7.6AI score0.04063EPSS
Exploits1References20
RedhatCVE
RedhatCVE
added 2024/03/25 5:53 p.m.16 views

CVE-2021-47160

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mt7530: fix VLAN traffic leaks PCRMATRIX field was set to all 1's when VLAN filtering is enabled, but was not reset when it is disabled, which may cause traffic leaks: ip link add br0 type bridge vlanfiltering 1 ip link...

6CVSS7.1AI score0.00233EPSS
Exploits0References4
OSV
OSV
added 2024/03/25 10:15 a.m.10 views

CVE-2021-47160

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mt7530: fix VLAN traffic leaks PCRMATRIX field was set to all 1's when VLAN filtering is enabled, but was not reset when it is disabled, which may cause traffic leaks: ip link add br0 type bridge vlanfiltering 1 ip link...

7.1CVSS6.8AI score
Exploits0References5
Cvelist
Cvelist
added 2023/08/09 12:0 a.m.25 views

CVE-2023-36673

An issue was discovered in Avira Phantom VPN through 2.23.1 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel, even if this traffic is not generated by the VPN client, while...

7.4AI score0.00622EPSS
Exploits1References3
Cisco
Cisco
added 2023/08/08 3:0 p.m.120 views

Bypassing Tunnels: Leaking VPN Client Traffic by Abusing Routing Tables Affecting Cisco AnyConnect Secure Mobility Client and Cisco Secure Client

On August 8, 2023, the paper Bypassing Tunnels: Leaking VPN Client Traffic by Abusing Routing Tables was made public. The paper discusses two attacks that can cause VPN clients to leak traffic outside the protected VPN tunnel. In both instances, an attacker can manipulate routing exceptions that...

7.3CVSS5.9AI score0.00681EPSS
Exploits2References1
Apple
Apple
added 2021/12/13 12:0 a.m.49 views

About the security content of macOS Monterey 12.1

About the security content of macOS Monterey 12.1 This document describes the security content of macOS Monterey 12.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or release...

9.8CVSS9.6AI score0.18024EPSS
Exploits7References1Affected Software1
Rows per page
Query Builder