Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

RedhatCVE
RedhatCVEadded 2025/05/22 6:40 p.m.2 views

CVE-2021-38698

HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. Fixed in 1.8.15, 1.9.9 and 1.10.2...

6.5CVSS6.7AI score0.00352EPSS
Exploits0References1
BDU FSTEC
BDU FSTECadded 2025/04/15 12:0 a.m.2 views

The vulnerability of the Consul and Consul Enterprise service configuration tool, which stems from insufficient validation of requests on the server side, allows attackers to carry out SSRF attacks.

The vulnerability of the Consul and Consul Enterprise service configuration tool is related to insufficient validation of requests on the server side. Exploiting this vulnerability allows a malicious actor to carry out an SSRF attack remotely...

7.8CVSS6.7AI score0.87755EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTECadded 2024/11/25 12:0 a.m.1 views

The vulnerability of the Consul service configuration tool arises from the lack of measures taken to protect the structure of web pages. This allows attackers to carry out XSS attacks.

The vulnerability of the Consul service configuration tool exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

6.4CVSS6.8AI score0.01462EPSS
Exploits0References5Affected Software4
Redos
Redosadded 2024/11/13 12:0 a.m.11 views

ROS-20241112-09

A vulnerability in the Consul service configuration tool is related to input validation errors when processing catalog traversal sequences. Exploitation of the vulnerability could allow an attacker acting remotely to send a specially crafted HTTP request and read arbitrary files on the system...

8.3CVSS6.8AI score0.00035EPSS
Exploits0
Redos
Redosadded 2024/08/05 12:0 a.m.34 views

ROS-20240805-03

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

7.5CVSS8.1AI score0.944EPSS
Exploits23
BDU FSTEC
BDU FSTECadded 2022/04/07 12:0 a.m.1 views

The vulnerability of the Envoy proxy server used by the Consul service management tool allows attackers to compromise data integrity.

The vulnerability of the Envoy proxy server of the Consul service lies in the lack of verification of the destination service identifier in the encoded alternative name of the subject. Exploiting this vulnerability allows a malicious actor to compromise the integrity of data...

7.8CVSS0.00802EPSS
Exploits0References5Affected Software2
Rows per page
Query Builder