-
Synopsis
DNS-rebinding allows a website that is open locally to connect to the local Zcash node.ImpactA website could attempt to brute force a password and then spend funds or extract private keys.…
-
Hello,
I was wondering if it would be possible to add support to rebind a domain to a `cname`. That would allow an attacker to access some internal hosts without knowing the internal IP address, p…
-
## CVE-2021-22884 - High Severity Vulnerability
Vulnerable Library - sulinosv13.2.0
Indipendent distro uses inary package system. Sulin is roolling donkey
Library home page: https://sourceforge.net…
-
the following way of avoiding local access is not enough:
https://github.com/neo-project/neo-modules/blob/32aacc468ad43600817daabbec834e715017d962/src/OracleService/Protocols/OracleHttpsProtocol.cs…
-
If the Linux host system is configured with systemd-resolved it prepend the DNS server of docksal to /etc/resolv.conf.
After some time resolved resets the /etc/resolv.conf to default configuration en…
-
There was a huge DNS rebinding attack in Transmission discovered recently. Super crazy.
https://bugs.chromium.org/p/project-zero/issues/detail?id=1447
TLDR, transmission runs an RPC server that …
-
**Context**
- CLI Version: nextdns version 1.41.0
- Platform: x86 Arch Linux
I downloaded the `nextdns` package in the AUR.
<Describe the bug>
Every time I reboot my computer or resume i…
-
This is a fork of uWiki, seen here: https://github.com/sdassow/wiking
It's added a lot of features and polish from the original version I tried packaging in the experimental market. But the securit…
-
Over the years, we've received many bug bounty reports relating to Server side request forgery (SSRF) attacks. In a nutshell, these attacks use short-lived DNS entries to direct Web hooks and other UR…
-
**Context**
- CLI Version: 3.013
- Platform: Windows 11 App
<Describe the bug>
After starting NextDNS for Windows, I lose access to the configuration page of the TP-link Router that I use t…