Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.10 views

Amazon Linux 2023 : mariadb1011, mariadb1011-backup, mariadb1011-client-utils (ALAS2023-2026-1844)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1844 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable...

9.8CVSS6.2AI score0.00567EPSS
Exploits1References14
Github Security Blog
Github Security Blog
added 2026/03/25 7:54 p.m.6 views

AVideo vulnerable to IP Address Spoofing via Untrusted HTTP Headers in getRealIpAddr()

Summary The getRealIpAddr function in objects/functions.php trusts user-controlled HTTP headers to determine the client's IP address. An attacker can spoof their IP address by sending forged headers, bypassing any IP-based access controls or audit logging. Vulnerable Code File:...

5.3CVSS5.8AI score0.00175EPSS
Exploits1References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2021-28156

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically crafted HTTP events. Fixed in 1.9.5, and 1.8.10. CVE-2021-28156...

7.5CVSS7AI score0.02273EPSS
Exploits0References2
NVD
NVD
added 2021/04/20 4:15 p.m.19 views

CVE-2021-28156

HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically crafted HTTP events. Fixed in 1.9.5, and 1.8.10...

7.5CVSS0.02273EPSS
Exploits0References3
OSV
OSV
added 2021/04/20 4:15 p.m.3 views

UBUNTU-CVE-2021-28156

HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically crafted HTTP events. Fixed in 1.9.5, and 1.8.10...

7.5CVSS7AI score0.02273EPSS
Exploits0References6
Cvelist
Cvelist
added 2021/04/20 3:2 p.m.30 views

CVE-2021-28156

HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically crafted HTTP events. Fixed in 1.9.5, and 1.8.10...

7.7AI score0.02273EPSS
Exploits0References3
CVE
CVE
added 2021/04/20 3:2 p.m.138 views

CVE-2021-28156

CVE-2021-28156 affects HashiCorp Consul Enterprise: versions 1.8.0 through 1.9.4 are vulnerable where the audit log can be bypassed via specifically crafted HTTP events. The issue is fixed in 1.9.5 and in 1.8.10. Connected documents confirm the vulnerability details and the fixed versions; no exp...

7.5CVSS7.3AI score0.02273EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2021/04/20 12:0 a.m.4 views

PT-2021-17780 · Hashicorp +1 · Hashicorp Consul Enterprise +1

Name of the Vulnerable Software and Affected Versions: HashiCorp Consul Enterprise versions 1.8.0 through 1.9.4 Description: The issue allows the audit log to be bypassed by specifically crafted HTTP events. Recommendations: For versions 1.8.0 through 1.8.9, update to version 1.8.10. For versions...

8.8CVSS5.9AI score0.3479EPSS
Exploits3References34
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2021/04/19 10:44 p.m.5 views

Consul Enterprise Audit Log Bypass for HTTP Events

Summary A vulnerability was identified in Consul Enterprise such that a specially crafted HTTP request can be used to bypass the audit log for HTTP events. This vulnerability, CVE-2021-28156, affects Consul Enterprise versions 1.8.0 up to 1.9.4, and is fixed in the 1.9.5 and 1.8.10 releases...

7.5CVSS6.9AI score0.02273EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2021/04/16 6:31 p.m.23 views

CVE-2021-28156

A flaw was found in the hashicorp consul, where the audit log could be bypassed. The highest threat from this vulnerability is to integrity...

7.5CVSS0.5AI score0.02273EPSS
Exploits0References3
NCSC
NCSC
added 2016/05/11 12:0 a.m.7 views

Multiple vulnerabilities fixed in Aruba networks products

Multiple vulnerabilities have been discovered in various Aruba Networks products including Instant and ArubaOS access points, the Airwave management platform and the PAPI protocol that these systems mutually use. Some vulnerabilities have been fixed, others will be fixed in a future update, and f...

9.8CVSS7.9AI score0.05123EPSS
Exploits3
Rows per page
Query Builder