Lucene search
+L

6 matches found

OSV
OSV
added 2026/06/29 5:40 a.m.5 views

BIT-ENVOY-2026-47207 Envoy crashes if multiple unexpected ext_proc responses are packed into one gRPC message

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, Envoy crashes if an extproc server sends a single gRPC message containing multiple, specially crafted ProcessingResponse messages. This can occur when the...

6.5CVSS5.7AI score0.00444EPSS
Exploits1References2
CVE
CVE
added 2026/06/26 5:52 p.m.19 views

CVE-2026-47207

CVE-2026-47207 : Envoy crashes when an ext_proc server sends a single gRPC message containing multiple ProcessingResponse messages, leading to a use-after-free during processing of subsequent responses. Affected: Envoy versions 1.34.0 through 1.35.12 (as 1.35.13 fixes the issue) and 1.36.0–1.36.8...

6.5CVSS5.7AI score0.00444EPSS
Exploits1References1Affected Software1
Amazon
Amazon
added 2025/04/14 12:0 a.m.6 views

Medium: ecs-service-connect-agent

Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. Prior to 1.33.1, 1.32.4, 1.31.6, and 1.30.10, Envoy's extproc HTTP filter is at risk of crashing if a local reply is sent to the external server due to the filter's life time issue. A known situation is the failur...

7.5CVSS6.5AI score0.00406EPSS
Exploits0
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.5 views

Kingsoft WPS 安全漏洞

Kingsoft WPS is a kind of office software from Kingsoft, a Chinese company. It provides document processing functions. A security vulnerability exists in Kingsoft WPS versions prior to 17.0.0, which stems from the inability to properly clean up filenames before they are interactively processed...

7.8CVSS6.7AI score0.00753EPSS
Exploits0References3
Zero Day Initiative
Zero Day Initiative
added 2022/04/28 12:0 a.m.25 views

Delta Industrial Automation DMARS Scope File Parsing XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Delta Industrial Automation DMARS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

5.5CVSS2.6AI score0.00772EPSS
Exploits0References1
OSV
OSV
added 2018/10/17 8:29 p.m.3 views

DEBIAN-CVE-2018-18386

drivers/tty/ntty.c in the Linux kernel before 4.14.11 allows local attackers who are able to access pseudo terminals to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ...

3.3CVSS7.3AI score0.00413EPSS
Exploits0References1
Rows per page
Query Builder