CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

OSV•added 2026/01/23 2:28 a.m.•1 views

GO-2026-4312 Envoy Extension Policy lua scripts injection causes arbitrary command execution in github.com/envoyproxy/gateway

Envoy Extension Policy lua scripts injection causes arbitrary command execution in github.com/envoyproxy/gateway...

8.8CVSS5.8AI score0.00005EPSS

Exploits1References2

Snyk•added 2026/01/13 6:47 p.m.•2 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the EnvoyExtensionPolicy resource. An attacker can execute arbitrary commands and access sensitive credentials by injecting malicious Lua scripts. This can lead to privilege escalation, theft of secrets, and...

9.2CVSS7.9AI score0.00005EPSS

Exploits1References2

Snyk•added 2026/01/13 6:47 p.m.•1 views

Arbitrary Code Injection

9.2CVSS7.9AI score0.00005EPSS

Exploits1References2

OSV•added 2025/01/14 6:16 p.m.•3 views

CVE-2025-21403

On-Premises Data Gateway Information Disclosure Vulnerability...

6.4CVSS7.3AI score0.00169EPSS

Exploits0References1

OSV•added 2023/09/13 8:15 p.m.•1 views

CVE-2023-40850

netentsec NS-ASG 6.3 is vulnerable to Incorrect Access Control. There is a file leak in the website source code of the application security gateway...

7.5CVSS5.8AI score

Exploits0References1

OSV•added 2022/11/08 10:15 p.m.•1 views

CVE-2022-27510

Unauthorized access to Gateway user capabilities...

9.8CVSS7.3AI score

Exploits0References1

OSV•added 2020/06/10 10:15 p.m.•1 views

UBUNTU-CVE-2020-13898

An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janussdpprocess in sdp.c has a NULL pointer dereference...

7.5CVSS7.1AI score0.0065EPSS

Exploits1References6