Lucene search
K

7 matches found

EUVD
EUVD
added 2026/03/25 3:31 p.m.6 views

EUVD-2026-15413

A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...

5.4CVSS5.8AI score0.0036EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEV
added 2021/11/03 12:0 a.m.4 views

VulnCheck KEV: CVE-2021-42013

Apache HTTP Server contains a path traversal vulnerability that allows an attacker to perform remote code execution if files outside directories configured by Alias-like directives are not under default require all denied or if CGI scripts are enabled. This CVE ID resolves an incomplete patch for...

9.8CVSS7.9AI score0.99964EPSS
Exploits174References1
OSV
OSV
added 2021/07/17 6:15 p.m.21 views

CVE-2021-36213

HashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default deny policy with a single L7 application-aware intention deny action cancels out, causing the intention to incorrectly fail open, allowing L4 traffic. Fixed in 1.9.8 and 1.10.1...

7.5CVSS7.4AI score
Exploits0References4
OSV
OSV
added 2021/07/17 6:15 p.m.3 views

UBUNTU-CVE-2021-36213

HashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default deny policy with a single L7 application-aware intention deny action cancels out, causing the intention to incorrectly fail open, allowing L4 traffic. Fixed in 1.9.8 and 1.10.1...

7.5CVSS7.1AI score0.0174EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2021/07/17 6:15 p.m.29 views

CVE-2021-36213

HashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default deny policy with a single L7 application-aware intention deny action cancels out, causing the intention to incorrectly fail open, allowing L4 traffic. Fixed in 1.9.8 and 1.10.1...

7.5CVSS7.3AI score0.0174EPSS
Exploits0
Cvelist
Cvelist
added 2021/07/17 5:32 p.m.54 views

CVE-2021-36213

HashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default deny policy with a single L7 application-aware intention deny action cancels out, causing the intention to incorrectly fail open, allowing L4 traffic. Fixed in 1.9.8 and 1.10.1...

7.7AI score0.0174EPSS
Exploits0References4
CVE
CVE
added 2021/07/17 5:32 p.m.387 views

CVE-2021-36213

HashiCorp Consul and Consul Enterprise versions 1.9.0–1.10.0 are affected by CVE-2021-36213, where a single L7 application-aware deny action under a default-deny policy can cancel the intention and incorrectly allow L4 traffic. The issue is fixed in Consul/Consul Enterprise 1.9.8 and 1.10.1 (upst...

7.5CVSS7.3AI score0.0174EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder