Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file
Bulwark Webmail getClientIP() trusted client-controlled X-Forwarded-For value, enabling rate limit bypass and audit log forgery
Shynet before 0
URL (HTTP Origin) call location spoofing in Szafir SDK Web
AVideo vulnerable to IP Address Spoofing via Untrusted HTTP Headers in getRealIpAddr()
Fastify request.protocol and request.host spoofable via X-Forwarded-Proto/Host from untrusted connections when trustProxy uses restrictive trust fu...
Header Poisoning in Raytha CMS
wpDiscuz before 7.6.47 - IP Address Spoofing in getIP()
In Meshtastic, an attacker can spoof licensed amateur flag for a node
In Bun before 1
AA Block country <= 1.0.1 - Unauthenticated IP Address Spoofing via X-Forwarded-For Header
PbootCMS Header handle.php get_user_ip less trusted source
In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temporarily change the displayed information about a...
Termix' official Docker image contains an authentication bypass vulnerability
RICOH Streamline NX versions 3
Movable Type contains an issue with use of less trusted source
RICOH Streamline NX V3 PC Client versions 3
Fabio allows HTTP clients to manipulate custom headers it adds
The optional feature 'Anti-Virus & Sandbox' of i-FILTER contains an issue with improper pattern file validation
Bypass Connection Restriction Vulnerability in Hitachi Ops Center Analyzer
Showing 1 - 20 of 1,000+ results