11 matches found
Amazon Linux 2023 : mariadb1011, mariadb1011-backup, mariadb1011-client-utils (ALAS2023-2026-1844)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1844 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable...
AVideo vulnerable to IP Address Spoofing via Untrusted HTTP Headers in getRealIpAddr()
Summary The getRealIpAddr function in objects/functions.php trusts user-controlled HTTP headers to determine the client's IP address. An attacker can spoof their IP address by sending forged headers, bypassing any IP-based access controls or audit logging. Vulnerable Code File:...
Linux Distros Unpatched Vulnerability : CVE-2021-28156
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically crafted HTTP events. Fixed in 1.9.5, and 1.8.10. CVE-2021-28156...
CVE-2021-28156
HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically crafted HTTP events. Fixed in 1.9.5, and 1.8.10...
UBUNTU-CVE-2021-28156
HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically crafted HTTP events. Fixed in 1.9.5, and 1.8.10...
CVE-2021-28156
HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically crafted HTTP events. Fixed in 1.9.5, and 1.8.10...
CVE-2021-28156
CVE-2021-28156 affects HashiCorp Consul Enterprise: versions 1.8.0 through 1.9.4 are vulnerable where the audit log can be bypassed via specifically crafted HTTP events. The issue is fixed in 1.9.5 and in 1.8.10. Connected documents confirm the vulnerability details and the fixed versions; no exp...
PT-2021-17780 · Hashicorp +1 · Hashicorp Consul Enterprise +1
Name of the Vulnerable Software and Affected Versions: HashiCorp Consul Enterprise versions 1.8.0 through 1.9.4 Description: The issue allows the audit log to be bypassed by specifically crafted HTTP events. Recommendations: For versions 1.8.0 through 1.8.9, update to version 1.8.10. For versions...
Consul Enterprise Audit Log Bypass for HTTP Events
Summary A vulnerability was identified in Consul Enterprise such that a specially crafted HTTP request can be used to bypass the audit log for HTTP events. This vulnerability, CVE-2021-28156, affects Consul Enterprise versions 1.8.0 up to 1.9.4, and is fixed in the 1.9.5 and 1.8.10 releases...
CVE-2021-28156
A flaw was found in the hashicorp consul, where the audit log could be bypassed. The highest threat from this vulnerability is to integrity...
Multiple vulnerabilities fixed in Aruba networks products
Multiple vulnerabilities have been discovered in various Aruba Networks products including Instant and ArubaOS access points, the Airwave management platform and the PAPI protocol that these systems mutually use. Some vulnerabilities have been fixed, others will be fixed in a future update, and f...