Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-15195

Malware in sbrugna...

7.4CVSS7.5AI score0.01147EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-7997

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.0021EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/09/06 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-30162

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who use Gateway API for Ingress for some services an...

4.3CVSS5.9AI score0.0021EPSS
Exploits0References2
Veeam
Veeam
added 2025/06/11 12:0 a.m.46 views

How to Use Veeam Data Cloud Vault with ExpressRoute with Private Peering

Purpose This article documents the usage of Veeam Data Cloud Vault within environments that use Azure ExpressRoute with private peering. Solution Software Prerequisites Veeam Backup & Replication v12.3 or higher Veeam Data Cloud Vault Configuration Notes This article covers customers using...

6.5AI score
Exploits0Affected Software1
Veracode
Veracode
added 2025/04/03 6:48 a.m.11 views

Incorrect Authorization

github.com/cilium/cilium is vulnerable to Incorrect Authorization. The vulnerability is due to improper enforcement of egress restrictions due to a misconfiguration where egress traffic to LoadBalancers deployed via Gateway API is incorrectly allowed, despite network policies blocking such traffi...

4.3CVSS6.5AI score0.0021EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/03/26 7:14 a.m.11 views

BIT-HUBBLE-RELAY-2025-30162 East-west traffic not subject to egress policy enforcement for requests via Gateway API load balancers

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who use Gateway API for Ingress for some services and use LB-IPAM or BGP for LB Service implementation and use network policies to block egress traffic from workloads in a namespace to...

4.3CVSS3.6AI score0.0021EPSS
Exploits0References4
OSV
OSV
added 2025/03/26 7:7 a.m.10 views

BIT-CILIUM-OPERATOR-2025-30162 East-west traffic not subject to egress policy enforcement for requests via Gateway API load balancers

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who use Gateway API for Ingress for some services and use LB-IPAM or BGP for LB Service implementation and use network policies to block egress traffic from workloads in a namespace to...

4.3CVSS3.6AI score0.0021EPSS
Exploits0References4
NVD
NVD
added 2025/03/24 7:15 p.m.7 views

CVE-2025-30162

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who use Gateway API for Ingress for some services and use LB-IPAM or BGP for LB Service implementation and use network policies to block egress traffic from workloads in a namespace to...

4.3CVSS0.0021EPSS
Exploits0References3
OSV
OSV
added 2025/03/24 7:5 p.m.14 views

GHSA-24QP-4XX8-3JVJ Cilium East-west traffic not subject to egress policy enforcement for requests via Gateway API load balancers

Impact For Cilium users who: - Use Gateway API for Ingress for some services AND - Use LB-IPAM or BGP for LB Service implementation AND - Use network policies to block egress traffic from workloads in a namespace to workloads in other namespaces Egress traffic from workloads covered by such netwo...

3.2CVSS7AI score0.0021EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/03/24 7:5 p.m.22 views

Cilium East-west traffic not subject to egress policy enforcement for requests via Gateway API load balancers

Impact For Cilium users who: - Use Gateway API for Ingress for some services AND - Use LB-IPAM or BGP for LB Service implementation AND - Use network policies to block egress traffic from workloads in a namespace to workloads in other namespaces Egress traffic from workloads covered by such netwo...

4.3CVSS7AI score0.0021EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2025/03/24 6:44 p.m.14 views

CVE-2025-30162 East-west traffic not subject to egress policy enforcement for requests via Gateway API load balancers

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who use Gateway API for Ingress for some services and use LB-IPAM or BGP for LB Service implementation and use network policies to block egress traffic from workloads in a namespace to...

3.2CVSS0.0021EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/03/24 12:0 a.m.6 views

PT-2025-12672

Name of the Vulnerable Software and Affected Versions Cilium versions 1.15.0 through 1.15.14 Cilium versions 1.16.0 through 1.16.7 Cilium versions 1.17.0 through 1.17.1 Description The issue affects Cilium users who use Gateway API for Ingress and LB-IPAM or BGP for LoadBalancer Service...

9.8CVSS6.9AI score0.99098EPSS
Exploits23References49
Metasploit
Metasploit
added 2024/05/07 7:55 p.m.321 views

CrushFTP Unauthenticated Arbitrary File Read

This module leverages an unauthenticated server-side template injection vulnerability in CrushFTP use auxiliary/gather/crushftpfilereadcve20244040 msf auxiliarycrushftpfilereadcve20244040 show actions ...actions... msf auxiliarycrushftpfilereadcve20244040 set ACTION msf...

10CVSS8.7AI score0.99539EPSS
Exploits22
Vulnrichment
Vulnrichment
added 2024/04/12 3:24 p.m.16 views

CVE-2024-30389 Junos OS: EX4300 Series: Firewall filter not blocking egress traffic

An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device. When an output firewall filter is applied to ...

6.9CVSS6.9AI score0.00363EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2023/03/16 1:39 p.m.40 views

Cryptojacking Group TeamTNT Suspected of Using Decoy Miner to Conceal Data Exfiltration

The cryptojacking group known as TeamTNT is suspected to be behind a previously undiscovered strain of malware used to mine Monero cryptocurrency on compromised systems. That's according to Cado Security, which found the sample after Sysdig detailed a sophisticated attack known as SCARLETEEL aime...

7.2AI score
Exploits0
OSV
OSV
added 2021/01/15 6:15 p.m.6 views

CVE-2021-0222

A vulnerability in Juniper Networks Junos OS allows an attacker to cause a Denial of Service DoS to the device by sending certain crafted protocol packets from an adjacent device with invalid payloads to the device. These crafted packets, which should be discarded, are instead replicated and sent...

7.4CVSS7.1AI score0.00639EPSS
Exploits0References1
OSV
OSV
added 2017/04/06 2:59 p.m.3 views

CVE-2017-6130

F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 is vulnerable to a Server-Side Request Forgery SSRF attack when deployed using the Dynamic Domain Bypass DDB feature feature plus SNAT Auto Map option for egress traffic...

7.4CVSS5.8AI score0.01147EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/04/06 2:0 p.m.32 views

CVE-2017-0305

F5 SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable to an unauthenticated, remote attack that may allow modification of the BIG-IP system configuration, extraction of sensitive system files, and possible remote command execution on the system when deployed using the Explicit Proxy feature...

9.8AI score0.03776EPSS
Exploits0References1
Rows per page
Query Builder