Lucene search
K

9269 matches found

NVD
NVD
added 2023/12/04 9:15 p.m.21 views

CVE-2023-47633

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions...

7.5CVSS0.01269EPSS
Exploits1References3
Prion
Prion
added 2023/12/04 9:15 p.m.24 views

Default configuration

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions...

5CVSS6.9AI score0.01269EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2023/12/04 8:36 p.m.388 views

CVE-2023-47633

CVE-2023-47633 affects the Traefik Docker image when it serves as its own backend, triggered by an automatically generated route from Docker integration in default configuration. The issue causes 100% CPU usage, leading to a denial of service-like impact on the affected instance. The vulnerabilit...

7.5CVSS7.5AI score0.01269EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2023/12/04 8:36 p.m.19 views

CVE-2023-47633 Uncontrolled Resource Consumption in Traefik

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions...

7.5CVSS6.8AI score0.01269EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/12/04 8:36 p.m.35 views

CVE-2023-47633 Uncontrolled Resource Consumption in Traefik

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions...

7.5CVSS7.6AI score0.01269EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/12/04 8:36 p.m.18 views

CVE-2023-47633 Uncontrolled Resource Consumption in Traefik

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions...

7.5CVSS7AI score0.01269EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/04 3:45 p.m.28 views

Security Bulletin: Vunerability in docker engine affect pattern Type shipped with Cloud Pak System (CVE-2022-36109)

Summary Bypass security group permission vulnerability in moby docker engine as shipped with patternType shipped with Cloud Pak System. Vulnerability Details CVEID:CVE-2022-36109 DESCRIPTION: Moby could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a fla...

6.3CVSS7.2AI score0.00807EPSS
Exploits0Affected Software1
Kitploit
Kitploit
added 2023/12/04 11:30 a.m.64 views

C2-Search-Netlas - Search For C2 Servers Based On Netlas

C2 Search Netlas is a Java utility designed to detect Command and Control C2 servers using the Netlas API. It provides a straightforward and user-friendly CLI interface for searching C2 servers, leveraging the Netlas API to gather data and process it locally. Usage To utilize this terminal utilit...

7.7AI score
Exploits0References2
Veracode
Veracode
added 2023/12/04 9:13 a.m.21 views

Authentication Bypass

gitea is vulnerable to Authentication Bypass. The vulnerability is caused when docker login uses basic authentication, which allows an attacker to bypass 2FA authentication...

7.5CVSS6.7AI score0.00614EPSS
Exploits0References3Affected Software2
Packet Storm
Packet Storm
added 2023/12/04 12:0 a.m.409 views

October CMS 3.4.0 Author Cross Site Scripting

OctoberCMS v3.4.0 Author Stored Cross-Site Scripting Vulnerability Vendor: October CMS Product web page: https://www.octobercms.com Affected version: 3.4.0 Summary: OctoberCMS is a self-hosted content management system CMS based on the PHP programming language and Laravel web application framewor...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/12/04 12:0 a.m.374 views

October CMS 3.4.0 About Cross Site Scripting

OctoberCMS v3.4.0 About Stored Cross-Site Scripting Vulnerability Vendor: October CMS Product web page: https://www.octobercms.com Affected version: 3.4.0 Summary: OctoberCMS is a self-hosted content management system CMS based on the PHP programming language and Laravel web application framework...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/12/04 12:0 a.m.244 views

October CMS 3.4.0 Wiki Article Cross Site Scripting

OctoberCMS v3.4.0 Wikiarticle Stored Cross-Site Scripting Vulnerability Vendor: October CMS Product web page: https://www.octobercms.com Affected version: 3.4.0 Summary: OctoberCMS is a self-hosted content management system CMS based on the PHP programming language and Laravel web application...

7.4AI score
Exploits0
OSV
OSV
added 2023/12/03 7:15 p.m.5 views

CVE-2023-49947

Forgejo before 1.20.5-1 allows 2FA bypass when docker login uses Basic Authentication...

7.5CVSS5.8AI score0.00614EPSS
Exploits0References2
NVD
NVD
added 2023/12/03 7:15 p.m.15 views

CVE-2023-49947

Forgejo before 1.20.5-1 allows 2FA bypass when docker login uses Basic Authentication...

7.5CVSS0.00614EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/12/03 7:15 p.m.5 views

CVE-2023-49947

Forgejo before 1.20.5-1 allows 2FA bypass when docker login uses Basic Authentication...

7.5CVSS7.1AI score0.00614EPSS
Exploits0References3
Prion
Prion
added 2023/12/03 7:15 p.m.14 views

Authentication flaw

Forgejo before 1.20.5-1 allows 2FA bypass when docker login uses Basic Authentication...

5CVSS7.2AI score0.00614EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/03 12:0 a.m.4 views

PT-2023-31418 · Docker +1 · Docker +1

Name of the Vulnerable Software and Affected Versions: Forgejo versions prior to 1.20.5-1 Description: The issue allows for 2FA bypass when docker login uses Basic Authentication. Recommendations: For versions prior to 1.20.5-1, update to version 1.20.5-1 or later to resolve the issue...

7.5CVSS7.5AI score0.00614EPSS
Exploits0References5
CVE
CVE
added 2023/12/03 12:0 a.m.39 views

CVE-2023-49947

CVE-2023-49947 concerns Forgejo prior to 1.20.5-1, where using docker login with Basic Authentication enables a 2FA bypass. The core issue is a bypass of two-factor authentication when Basic Auth is used during Docker login. The CVE is reflected in multiple sources (NVD, Red Hat advisories, CVE l...

7.5CVSS7.5AI score0.00614EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/12/03 12:0 a.m.3 views

Forgejo Security Breach

Forgejo is a lightweight git service. A security vulnerability exists in versions prior to Forgejo 1.20.5-1 that stems from allowing two-factor authentication bypass when docker login is used with basic authentication...

7.5CVSS6.9AI score0.00614EPSS
Exploits0References2
Zero Science Lab
Zero Science Lab
added 2023/12/03 12:0 a.m.294 views

OctoberCMS v3.4.0 (Wiki_article) Stored Cross-Site Scripting Vulnerability

Summary OctoberCMS is a self-hosted content management system CMS based on the PHP programming language and Laravel web application framework. It supports MySQL, SQLite and PostgreSQL for the database back end and uses a flat file database for the front end structure. The October CMS covers a ran...

6AI score
Exploits0
Rows per page
Query Builder