83 matches found
EUVD-2021-19456
Malware in sbrugna...
EUVD-2021-16084
Malware in sbrugna...
EUVD-2020-4227
Malware in sbrugna...
EUVD-2025-18750
Malicious code in bioql PyPI...
EUVD-2023-45576
Malicious code in bioql PyPI...
EUVD-2022-30518
Malicious code in bioql PyPI...
CVE-2025-31698
ACL configured in ipallow.config or remap.config does not use IP addresses that are provided by PROXY protocol. Users can use a new setting proxy.config.acl.subjects to choose which IP addresses to use for the ACL if Apache Traffic Server is configured to accept PROXY protocol. This issue affects...
CVE-2025-31698 Apache Traffic Server: Client IP address from PROXY protocol is not used for ACL
ACL configured in ipallow.config or remap.config does not use IP addresses that are provided by PROXY protocol. Users can use a new setting proxy.config.acl.subjects to choose which IP addresses to use for the ACL if Apache Traffic Server is configured to accept PROXY protocol. This issue affects...
CVE-2025-31698
Summary : CVE-2025-31698 affects Apache Traffic Server (ATS). The ACLs configured in ip_allow.config or remap.config may use IP addresses not provided by the PROXY protocol when ATS is configured to accept PROXY, exposing confidentiality. Affected ranges include 10.0.0–10.0.6 and 9.0.0–9.2.10. Ro...
CVE-2020-11890
An issue was discovered in Joomla! before 3.9.17. Improper input validations in the usergroup table class could lead to a broken ACL configuration...
Alibaba Cloud Linux 3 : 0157: redis:6 (ALINUX3-SA-2023:0157)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0157 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-29477: Redis is an open source BS...
BIT-JOOMLA-2020-11890
An issue was discovered in Joomla! before 3.9.17. Improper input validations in the usergroup table class could lead to a broken ACL configuration...
PT-2025-25771 · Apache +1 · Apache Traffic Server +1
Name of the Vulnerable Software and Affected Versions: Apache Traffic Server versions 9.0.0 through 9.2.10 Apache Traffic Server versions 10.0.0 through 10.0.6 Description: The issue arises when the ACL configured in ip allow.config or remap.config does not utilize IP addresses provided by the...
Moderate: Red Hat Security Advisory: redis:7 security update
An update for the redis:7 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
BIT-KEYDB-2023-41053 Redis SORT_RO may bypass ACL configuration
Redis is an in-memory database that persists on disk. Redis does not correctly identify keys accessed by SORTRO and as a result may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. The problem exists in Redis 7.0 or newer and has been...
RHEL 6 : pki-core (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pki-core: Mishandled ACL configuration in AAclAuthz.java reverses rules that allow and deny access...
BIT-REDIS-2023-41053 Redis SORT_RO may bypass ACL configuration
Redis is an in-memory database that persists on disk. Redis does not correctly identify keys accessed by SORTRO and as a result may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. The problem exists in Redis 7.0 or newer and has been...
Debian dsa-5610 : redis - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5610 advisory. - Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and...
SUSE-SU-2023:3711-1 Security update for redis7
This update for redis7 fixes the following issues: - CVE-2023-41053: Fixed SORTRO may bypass ACL configuration bsc1215094...
ROS-20230915-12
A vulnerability in the Redis database management system is related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to keys that are not explicitly authorized by the ACL configuration...