Lucene search
+L

218 matches found

Elastic
Elastic
added 2025/01/22 3:4 p.m.11 views

Kibana 8.15.0 Security Update (ESA-2024-29, ESA-2024-30)

Kibana server-side request forgery ESA-2024-29 A server side request forgery vulnerability was identified in Kibana where the /api/fleet/healthcheck API could be used to send requests to internal endpoints. Due to the nature of the underlying request, only endpoints available over https that retu...

7.7CVSS6.4AI score0.0041EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/01/08 12:0 a.m.29 views

openSUSE 15 Security Update : etcd (openSUSE-SU-2025:0003-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:0003-1 advisory. Update to version 3.5.12: Bump golang.org/x/crypto to v0.17+ to address CVE-2023-48795 test: fix TestHashKVWhenCompacting: ensure all goroutine...

9.8CVSS7.4AI score0.93305EPSS
Exploits4References15
OSV
OSV
added 2025/01/07 3:4 p.m.24 views

OPENSUSE-SU-2025:0003-1 Security update for etcd

This update for etcd fixes the following issues: Update to version 3.5.12: Bump golang.org/x/crypto to v0.17+ to address CVE-2023-48795 test: fix TestHashKVWhenCompacting: ensure all goroutine finished print error log when creating peer listener failed mvcc: Printing etcd backend database related...

9.8CVSS7.8AI score0.93305EPSS
Exploits4References10
CNNVD
CNNVD
added 2024/11/12 12:0 a.m.5 views

Microsoft PC Manager 后置链接漏洞

Microsoft PC Manager is a computer management software from Microsoft USA that allows one-click acceleration, system space management, pop-up window management, and full health check. Microsoft PC Manager suffers from a backlink vulnerability. An attacker can exploit this vulnerability to elevate...

7.8CVSS6.2AI score0.00627EPSS
Exploits0References2
OSV
OSV
added 2024/08/21 3:11 p.m.22 views

GO-2022-0615 Hashicorp Consul HTTP health check endpoints returning an HTTP redirect may be abused as SSRF vector in github.com/hashicorp/consul

Hashicorp Consul HTTP health check endpoints returning an HTTP redirect may be abused as SSRF vector in github.com/hashicorp/consul...

7.5CVSS7.4AI score0.08676EPSS
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/07/24 5:30 a.m.4 views

Malicious code in health-check-nodejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ef9d93b4469df4d458d4c4a226b45fa7baf7760a84cd3d8b5fc84fb990e0e6ba The OpenSSF Package Analysis project identified 'health-check-nodejs' @ 3.16.1 npm as malicious. It is considered malicious because: - The packa...

7.2AI score
Exploits0
OSV
OSV
added 2024/07/24 5:30 a.m.6 views

MAL-2024-7836 Malicious code in health-check-nodejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ef9d93b4469df4d458d4c4a226b45fa7baf7760a84cd3d8b5fc84fb990e0e6ba The OpenSSF Package Analysis project identified 'health-check-nodejs' @ 3.16.1 npm as malicious. It is considered malicious because: - The packa...

7.4AI score
Exploits0
SUSE CVE
SUSE CVE
added 2024/05/29 10:16 a.m.4 views

SUSE CVE-2022-29224

Envoy is a cloud-native high-performance proxy. Versions of envoy prior to 1.22.1 are subject to a segmentation fault in the GrpcHealthCheckerImpl. Envoy can perform various types of upstream health checking. One of them uses gRPC. Envoy also has a feature which can "hold" prevent removal upstrea...

5.9CVSS5.7AI score0.00948EPSS
Exploits0References3
OSV
OSV
added 2024/03/06 10:52 a.m.32 views

BIT-CONSUL-2022-29153

HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Fixed in 1.9.17, 1.10.10, and 1.11.5...

7.5CVSS7.5AI score0.08676EPSS
Exploits0References7
VulnCheck KEV
VulnCheck KEV
added 2023/11/13 12:0 a.m.2 views

VulnCheck KEV: CVE-2022-29153

HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Fixed in 1.9.17, 1.10.10, and 1.11.5...

7.5CVSS6.8AI score0.08676EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/11/08 1:27 a.m.44 views

Important: Red Hat Security Advisory: Node Health Check Operator 0.6.1 security update

This is an updated version for the node-healthcheck-must-gather-container, the node-healthcheck-operator-bundle-container, the node-healthcheck-operator-container, and the node-remediation-console-container. It is now available for Node Health Check Operator 0.6 for RHEL 8. Red Hat Product Securi...

7.5CVSS7.1AI score0.99999EPSS
Exploits20References4
RedHat Linux
RedHat Linux
added 2023/11/08 1:18 a.m.47 views

Important: Red Hat Security Advisory: Node Health Check Operator 0.4.1

This is an updated version of the Node Health Check Operator. This Operator is delivered by Red Hat Workload Availability. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

7.5CVSS7.1AI score0.99999EPSS
Exploits20References4
RedHat Linux
RedHat Linux
added 2023/10/23 6:31 p.m.58 views

Important: Red Hat Security Advisory: Self Node Remediation Operator 0.7.1 security update

This is an updated version of the Self Node Remediation Operator. This Operator is delivered by Red Hat Workload Availability. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

7.5CVSS7AI score0.99999EPSS
Exploits20References4
Positive Technologies
Positive Technologies
added 2023/07/21 12:0 a.m.6 views

PT-2023-26185 · Dapr · Dapr

Name of the Vulnerable Software and Affected Versions: Dapr versions prior to 1.10.9 Dapr versions prior to 1.11.2 Description: A vulnerability has been found in Dapr that allows bypassing API token authentication with a well-crafted HTTP request. This issue impacts Dapr users who have configured...

7.5CVSS7.3AI score0.01129EPSS
Exploits1References11
Spring Security Advisories
Spring Security Advisories
added 2023/07/11 12:0 a.m.21 views

This Week in Spring - July 11th, 2023

Hi, Spring fans! Welcome to another installment of This Week in Spring! I'm in yummy, sunny Jakarta, Indonesia at the moment, preparing for a week of meetings and the SpringOne Tour Indonesia event later this week. I'll also be speaking in Kuala Lumpur, Malaysia on July 20th, 2023 . If you're in...

7AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/07/05 12:0 a.m.78 views

Active Health Check strategies with Spring Cloud Gateway

Active health check strategies with Spring Cloud Gateway Nowadays, applications are built as a collection of small independent upstream services. This accelerates development and allows modules to be focused on specific responsibilities, increasing their quality. This is one of the main advantage...

6.8AI score
Exploits0
OpenVAS
OpenVAS
added 2023/05/26 12:0 a.m.14 views

WordPress Health Check & Troubleshooting Plugin < 1.6.0 CSRF Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:healthcheck%26troubleshooting"; ifdescription...

8.8CVSS7AI score0.00271EPSS
Exploits0References1
OSV
OSV
added 2023/05/25 10:15 a.m.3 views

CVE-2022-47161

Cross-Site Request Forgery CSRF vulnerability in The WordPress.Org community Health Check & Troubleshooting plugin = 1.5.1 versions...

8.8CVSS5.8AI score0.00271EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/25 9:4 a.m.39 views

CVE-2022-47161 WordPress Health Check & Troubleshooting Plugin <= 1.5.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in The WordPress.Org community Health Check & Troubleshooting plugin = 1.5.1 versions...

4.3CVSS9.1AI score0.00271EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/05/25 12:0 a.m.14 views

WordPress plugin Health Check & Troubleshooting 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

8.8CVSS7.8AI score0.00271EPSS
Exploits0References2
Rows per page
Query Builder