
9 matches found

CNNVD
added 2026/03/10 12:00 a.m., 2 views

Envoy Resource Management Error Vulnerability

Envoy is an open-source gateway program developed by Enphase for connecting smart home devices. Versions of Envoy prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13 contain a resource management vulnerability. This vulnerability stems from logical flaws in the HTTP connection manager, which may lead to...

CVSS 5.9, AI score 5.8, EPSS 0.00019
Exploits: 1, References: 1

RedhatCVE
added 2025/12/13 6:54 p.m., 4 views

CVE-2025-66220

A flaw was found in Envoy. This vulnerability allows mTLS (mutual Transport Layer Security) certificate validation bypass via a certificate containing an embedded null byte (\0) inside an OTHERNAME SAN (Subject Alternative Name) value. Mitigation: Mitigation for this issue is either not available or the...

CVSS 7.1, AI score 5.8, EPSS 0.00002
Exploits: 1, References: 4

EUVD
added 2025/10/03 8:07 p.m., 3 views

EUVD-2024-19488

Malicious code in bioql PyPI...

CVSS 9.2, AI score 6.6, EPSS 0.00213
Exploits: 0, References: 3

CNNVD
added 2025/03/21 12:00 a.m., 1 views

Envoy Security Vulnerability

Envoy is an Enphase open source gateway program for connecting smart home devices. A security vulnerability exists in Envoy versions prior to 1.33.1, prior to 1.32.4, prior to 1.31.6, and prior to 1.30.10, which stems from a lifecycle issue in the extproc HTTP filter that could cause a crash...

CVSS 7.5, AI score 6.3, EPSS 0.00043
Exploits: 0, References: 3

OSV
added 2024/08/12 1:38 p.m., 2 views

CVE-2024-21878

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Enphase IQ Gateway (formerly known as Envoy) allows OS Command Injection. This vulnerability is present in an internal script. This issue affects Envoy: from 4.x up to and including 8.x and is currentl...

CVSS 9.8, AI score 5.7, EPSS 0.00354
Exploits: 0, References: 3

OSV
added 2024/08/12 1:38 p.m., 0 views

CVE-2024-21877

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability through a URL parameter in Enphase IQ Gateway (formerly known as Envoy) allows File Manipulation. The endpoint requires authentication. This issue affects Envoy: from 4.x to 8.0 and 8.2.4225...

CVSS 6.5, AI score 5.8, EPSS 0.00213
Exploits: 0, References: 3

SUSE CVE
added 2023/02/15 4:01 a.m., 2 views

SUSE CVE-2020-8663

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may exhaust file descriptors and/or memory when accepting too many connections...

CVSS 7.5, AI score 7.9, EPSS 0.00105
Exploits: 0, References: 10

SUSE CVE
added 2023/02/15 3:58 a.m., 1 views

SUSE CVE-2020-12605

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when processing HTTP/1.1 headers with long field names or requests with long URLs...

CVSS 7.5, AI score 7.8, EPSS 0.00786
Exploits: 0, References: 10

CNVD
added 2020/04/15 12:00 a.m., 1 views

Envoy and Istio Information Disclosure Vulnerabilities

Envoy is an open source distributed proxy server. Istio is an open platform for connecting, managing and securing microservices. An information disclosure vulnerability exists in Istio 1.5.1 and earlier versions and Envoy 1.14.1 and earlier versions. An attacker can exploit the vulnerability to...

CVSS 3.1, AI score 6.2, EPSS 0.00087
Exploits: 1