Lucene search
K

764 matches found

OpenVAS
OpenVAS
added 2022/07/31 12:0 a.m.6 views

Fedora: Security Advisory for golang-github-facebookincubator-dhcplb (FEDORA-2022-ea8f4e232d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2022/07/30 1:57 a.m.17 views

[SECURITY] Fedora 36 Update: golang-github-facebookincubator-dhcplb-0-0.5.20210706git2e66b27.fc36

Dhcplb is Facebook's implementation of a load balancer for DHCP...

1.8AI score
Exploits0
Laminas
Laminas
added 2022/07/25 9:35 p.m.51 views

HTTP Host Header Attack Vulnerabilities

The package laminas/laminas-diactoros Diactoros is a PSR-7 HTTP Message and PSR-17 HTTP Message Factory implementation, providing HTTP request and response message representations both for making HTTP client requests and responding to HTTP requests server-side. When responding to an incoming...

6.3AI score
Exploits0References3Affected Software2
OpenVAS
OpenVAS
added 2022/07/18 12:0 a.m.26 views

Fedora: Security Advisory for golang-github-hashicorp-serf (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS8.9AI score0.05994EPSS
Exploits4References2
Fedora
Fedora
added 2022/07/17 1:15 a.m.25 views

[SECURITY] Fedora 35 Update: golang-github-hashicorp-serf-0.9.5-5.fc35

Serf is a decentralized solution for service discovery and orchestration that is lightweight, highly available, and fault tolerant. Serf runs on Linux, Mac OS X, and Windows. An efficient and lightweight gossip protocol is used to communicate with other nodes. Serf can detect node failur es and...

9.3CVSS8AI score0.05994EPSS
Exploits4
Fedora
Fedora
added 2022/07/17 1:15 a.m.25 views

[SECURITY] Fedora 35 Update: golang-github-facebookincubator-dhcplb-0-0.4.20210706git2e66b27.fc35

Dhcplb is Facebook's implementation of a load balancer for DHCP...

9.3CVSS1.8AI score0.05994EPSS
Exploits3
Spring Security Advisories
Spring Security Advisories
added 2022/07/12 11:0 a.m.19 views

This Week in Spring - July 12th, 2022

Hi, Spring fans! Welcome to another installment of This Week in Spring! How are you? This week Im writing you from sunny Seattle, Washington, where were having our next installment of the SpringOne Tour series. Its been a ton of fun seeing all these fun and friendly faces again and getting to see...

0.3AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/06/07 3:24 p.m.23 views

Identifying Cloud Waste to Contain Unnecessary Costs

Cloud adoption has exploded over the past decade or so, and for good reason. Many digital transformation advancements – and even the complete reimagination of entire industries – can be directly mapped and attributed to cloud innovation. While this rapid pace of innovation has had a profound impa...

Exploits0
OSV
OSV
added 2022/05/30 4:26 p.m.4 views

GSD-2022-1002524 input validation (CWE-20) in Elastic Load Balancer (ELB) version ELB prior to 2022-01-29 when "Legacy cache settings" is enabled

In Amazon Elastic Load Balancer ELB prior to 2022-01-29 when "Legacy cache settings" is enabled an input validation CWE-20 vulnerability exists in the HTTP Header processing that can be attacked via the network using a trailing space in the requests resulting in HTTP Header Smuggling...

7AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2022/05/20 10:43 p.m.29 views

CVE-2022-23632

Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.6.1, Traefik skips the router transport layer security TLS configuration when the host header is a fully qualified domain name FQDN. For a request, the TLS configuration choice can be different than the router choice, which...

7.5CVSS0.3AI score0.01688EPSS
Exploits0References1
Wallarm Lab
Wallarm Lab
added 2022/05/12 9:52 p.m.40 views

Two critical security flaws found in Nginx-Ingress controller

Ingress controllers allow users to configure an HTTP load balancer for applications running on Kubernetes. It’s needed to serve those applications to clients outside of the Kubernetes Cluster. It’s also configured with Kubernetes API to deploy objects called Ingress Resources The NGINX Ingress...

5.5CVSS7.8AI score0.01373EPSS
Exploits0
CNVD
CNVD
added 2022/03/23 12:0 a.m.17 views

Snapt Aria Command Injection Vulnerability

Snapt Aria is an enterprise-oriented ADC solution from Snapt USA that provides a load balancer, Web gas pedal, Web Application Firewall WAF, Global Server Load Balancer GSLB, etc. A command injection vulnerability exists in the snaptPowered2 component of Snapt Aria v12.8, which could be exploited...

8.8CVSS4.4AI score0.25339EPSS
Exploits1References1
CNVD
CNVD
added 2022/03/23 12:0 a.m.36 views

Snapt Aria Cross-Site Request Forgery Vulnerability

Snapt Aria is an enterprise ADC solution from Snapt USA that provides a load balancer, web gas pedal, web application firewall WAF, global server load balancer GSLB, etc. A cross-site request forgery vulnerability exists in Snapt Aria version 12.8, which stems from a WEB application that does not...

8.8CVSS4.9AI score0.00677EPSS
Exploits1References1
CNVD
CNVD
added 2022/02/18 12:0 a.m.63 views

Containous Traefik Trust Management Issue Vulnerability (CNVD-2022-13371)

Containous Traefik is a reverse proxy and load balancer from Containous, U.S. Containous Traefik is vulnerable to a trust management issue that stems from the fact that when a request is sent using an FQDN processed by a router configured with a dedicated TLS configuration, the TLS configuration...

7.5CVSS1.7AI score0.01688EPSS
Exploits0References1
Prion
Prion
added 2022/02/17 3:15 p.m.27 views

Default configuration

Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.6.1, Traefik skips the router transport layer security TLS configuration when the host header is a fully qualified domain name FQDN. For a request, the TLS configuration choice can be different than the router choice, which...

6.8CVSS7.9AI score0.01688EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2022/02/17 2:55 p.m.129 views

CVE-2022-23632

CVE-2022-23632 affects Traefik (HTTP reverse proxy/load balancer). Prior to v2.6.1, when the host header is an FQDN, the router’s TLS configuration can be ignored and a different TLS setup may be applied, potentially using the default TLS configuration instead of the configured one. If CNAME flat...

7.5CVSS7.5AI score0.01688EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/02/17 2:55 p.m.19 views

CVE-2022-23632 Traefik skips the router TLS configuration when the host header is an FQDN

Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.6.1, Traefik skips the router transport layer security TLS configuration when the host header is a fully qualified domain name FQDN. For a request, the TLS configuration choice can be different than the router choice, which...

7.4CVSS8.1AI score0.01688EPSS
Exploits0References6
Virtuozzo
Virtuozzo
added 2022/02/07 12:0 a.m.24 views

Virtuozzo Hybrid Infrastructure 5.0 (5.0.0-137)

In this release, Virtuozzo Hybrid Infrastructure provides a wide range of new features that enhance service providers' interoperability and help expand their services. The improvements cover compute services, object storage, security, and monitoring. Additionally, this release delivers stability...

0.9AI score
Exploits0
Veeam
Veeam
added 2021/12/10 12:0 a.m.198 views

SureBackup of VM with NLB fails with "IP addresses were not resolved" or "cannot detect IP address"

Challenge A SureBackup job processing a VM that is configured to use Microsoft NLB in Unicast mode fails with the error: Cannot detect IP address. Ping test will be skipped Copy IP addresses were not resolved Copy Solution Review the NLB configuration with your network administrator team to...

6.8AI score
Exploits0Affected Software1
Github Security Blog
Github Security Blog
added 2021/11/24 8:4 p.m.34 views

Webcache Poisoning in symfony/http-kernel

Description ----------- When a Symfony application is running behind a proxy or a load-balancer, you can tell Symfony to look for the X-Forwarded- HTTP headers. HTTP headers that are not part of the "trustedheaders" allowed list are ignored and protect you from "Cache poisoning" attacks. In Symfo...

6.5CVSS6.1AI score0.01239EPSS
Exploits0References9Affected Software2
Rows per page
Query Builder