
759 matches found

Redos
added 2025/09/11 12:0 a.m. · 3 views

ROS-20250911-01

A vulnerability in the DNS load balancer and proxy for DNS traffic DNSdist is related to the assertion of availability when support for inbound DNS over HTTPS is enabled using the nghttp2 provider and requests are routed to a TCP-only backend or DNS over TLS. Exploitation of the vulnerabilit...

7.5 CVSS · 7.3 AI score · 0.01078 EPSS
Exploits 0

CVE
added 2025/09/08 9:14 p.m. · 22 views

CVE-2025-57816

CVE-2025-57816 concerns the Fides Webserver API rate limiting. The issue arises in deployments that rely on the built‑in IP‑based rate limiter in proxied environments (CDNs, proxies, load balancers): limits are applied to the immediate connection IP rather than the client IP, and counters are sto...

7.5 CVSS · 6.3 AI score · 0.00406 EPSS
Exploits 0 · References 3 · Affected Software 1

IBM Security Bulletins
added 2025/09/04 10:46 p.m. · 5 views

Security Bulletin: Astronomer with IBM is vulnerable to unintentional traffic forwarding due to kube-proxy (CVE-2021-25736)

Summary: Kube-proxy is used by Astronomer with IBM as part of Kubernetes functionality. Vulnerability Details: CVEID: CVE-2021-25736. DESCRIPTION: Kube-proxy on Windows can unintentionally forward traffic to local processes listening on the same port “spec.ports.port” as a LoadBalancer Service when t...

6.3 CVSS · 6.1 AI score · 0.00908 EPSS
Exploits 0 · Affected Software 1

Redos
added 2025/09/04 12:0 a.m. · 5 views

ROS-20250904-05

A vulnerability in the DNS load balancer and proxy for DNS traffic DNSdist is related to insufficient checking of incoming TCP connections from the client. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5 CVSS · 8.2 AI score · 0.00592 EPSS
Exploits 0

OSV
added 2025/08/14 6:52 p.m. · 2 views

MAL-2025-37773 Malicious code in uniform-alb-project (npm)

The package uniform-alb-project was found to contain malicious code...

7.2 AI score
Exploits 0

NVD
added 2025/08/11 3:15 p.m. · 7 views

CVE-2012-10039

ZEN Load Balancer versions 2.0 and 3.0-rc1 contain a command injection vulnerability in content2-2.cgi. The filelog parameter is passed directly into a backtick-delimited exec call without sanitization. An authenticated attacker can inject arbitrary shell commands, resulting in remote code executio...

9.4 CVSS · 0.02451 EPSS
Exploits 0 · References 5

CVE
added 2025/08/11 2:55 p.m. · 16 views

CVE-2012-10039

CVE-2012-10039 affects ZEN Load Balancer versions 2.0 and 3.0-rc1. A command injection exists in content2-2.cgi where the filelog parameter is passed directly to a backtick-delimited exec() call without sanitization, allowing an authenticated attacker to execute arbitrary shell commands and achie...

9.4 CVSS · 8.4 AI score · 0.02451 EPSS
Exploits 0 · References 5

Cvelist
added 2025/08/11 2:55 p.m. · 8 views

CVE-2012-10039 ZEN Load Balancer Filelog Command Execution

ZEN Load Balancer versions 2.0 and 3.0-rc1 contain a command injection vulnerability in content2-2.cgi. The filelog parameter is passed directly into a backtick-delimited exec call without sanitization. An authenticated attacker can inject arbitrary shell commands, resulting in remote code executio...

9.4 CVSS · 0.02451 EPSS
Exploits 0 · References 5

Vulnrichment
added 2025/08/11 2:55 p.m. · 1 view

CVE-2012-10039 ZEN Load Balancer Filelog Command Execution

ZEN Load Balancer versions 2.0 and 3.0-rc1 contain a command injection vulnerability in content2-2.cgi. The filelog parameter is passed directly into a backtick-delimited exec call without sanitization. An authenticated attacker can inject arbitrary shell commands, resulting in remote code executio...

9.4 CVSS · 8.4 AI score · 0.02451 EPSS
Exploits 0 · References 5

CNNVD
added 2025/08/11 12:0 a.m. · 3 views

Zevenet Zen Load Balancer Security Vulnerability

Zevenet Zen Load Balancer is an application delivery controller from Zevenet, Spain. A security vulnerability exists in Zevenet Zen Load Balancer version 2.0 and 3.0-rc1, which stems from an unvalidated filelog parameter being passed directly to the exec function, which could lead to remote code...

9.4 CVSS · 7.8 AI score · 0.02451 EPSS
Exploits 0 · References 8

Positive Technologies
added 2025/08/11 12:0 a.m. · 2 views

PT-2025-32552 · Unknown +1 · Zen Load Balancer +2

Name of the Vulnerable Software and Affected Versions: ZEN Load Balancer versions 2.0, ZEN Load Balancer version 3.0-rc1. Description: ZEN Load Balancer versions 2.0 and 3.0-rc1 contain a command injection issue in the content2-2.cgi file. The filelog parameter is passed directly to an exec call...

9.4 CVSS · 7.5 AI score · 0.02451 EPSS
Exploits 0 · References 7

Chainguard
added 2025/08/09 1:17 p.m. · 9 views

GHSA-J5PM-7495-QMR3 vulnerabilities

Vulnerabilities for packages: kubebuilder, nginx-prometheus-exporter, nemo, mongo-tools, dive, azuredisk-csi-fips, volume-modifier-for-k8s, grafana-pyroscope, crossplane-provider-sql, eks-distro-fips, fixuid, rclone, rke2-runtime, flux-image-reflector-controller, karpenter-fips,...

5.8 AI score
Exploits 0

CNNVD
added 2025/07/31 12:0 a.m. · 4 views

A10 Networks AX Loadbalancer Security Vulnerability

A10 Networks AX Loadbalancer is a load balancer appliance from A10 Networks, USA. A security vulnerability exists in A10 Networks AX Loadbalancer 2.6.1-GR1-P5 and 2.7.0 and earlier versions, which stems from an unvalidated filename parameter that could lead to path traversal and information...

8.8 CVSS · 8.7 AI score · 0.01932 EPSS
Exploits 0 · References 3

Rockylinux
added 2025/07/29 1:40 p.m. · 4 views

mod_proxy_cluster bug fix update

An update is available for mod_proxy_cluster. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The mod_proxy_cluster module is a plugin for the Apache HTTP Server tha...

5.4 CVSS · 5.4 AI score · 0.0026 EPSS
Exploits 0

Tenable Nessus
added 2025/07/29 12:0 a.m. · 7 views

MongoDB 6.0.x < 6.0.23 / 7.0.x < 7.0.20 / 8.0.x < 8.0.9 Incorrect Handling of Incomplete Data (SERVER-106753)

The version of MongoDB installed on the remote host is 6.0 prior to 6.0.23, 7.0 prior to 7.0.20 and 8.0 prior to 8.0.9. It is, therefore, affected by a vulnerability as referenced in the SERVER-106753 advisory. - MongoDB Server's mongos component can become unresponsive to new connections due to...

7.5 CVSS · 5.8 AI score · 0.00307 EPSS
Exploits 0 · References 2

RedhatCVE
added 2025/07/09 3:14 p.m. · 5 views

CVE-2025-6714

MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue affects MongoDB Server v6.0 prior to 6.0.23, MongoDB Server v7.0 prior to 7.0.20 and MongoDB Serve...

7.5 CVSS · 7.3 AI score · 0.00307 EPSS
Exploits 0 · References 1

Tenable Nessus
added 2025/07/09 12:0 a.m. · 5 views

FreeBSD : MongoDB -- Incorrect Handling of incomplete data may prevent mongoS from Accepting New Connections (79251dc8-5bc5-11f0-834f-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 79251dc8-5bc5-11f0-834f-b42e991fc52e advisory. [email protected] reports: MongoDB Server's mongos component can become unresponsive to new connections d...

7.5 CVSS · 5.5 AI score · 0.00307 EPSS
Exploits 0 · References 3

CNVD
added 2025/07/08 12:0 a.m. · 4 views

MongoDB Server Resource Management Error Vulnerability

MongoDB Server is an open source NoSQL database from MongoDB, a United States company. The database provides collection-oriented storage, dynamic query, data replication, automatic failover and other functions. A security vulnerability exists in MongoDB Server versions prior to 6.0.23,...

7.5 CVSS · 7 AI score · 0.00307 EPSS
Exploits 0 · References 1

NVD
added 2025/07/07 3:15 p.m. · 6 views

CVE-2025-6714

MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue affects MongoDB Server v6.0 prior to 6.0.23, MongoDB Server v7.0 prior to 7.0.20 and MongoDB Serve...

7.5 CVSS · 0.00307 EPSS
Exploits 0 · References 1

OSV
added 2025/07/07 3:15 p.m. · 4 views

CVE-2025-6714

MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue affects MongoDB Server v6.0 prior to 6.0.23, MongoDB Server v7.0 prior to 7.0.20 and MongoDB Serve...

7.5 CVSS · 6.9 AI score
Exploits 0 · References 1