Lucene search
+L

6 matches found

CNNVD
CNNVD
added 2026/04/28 12:0 a.m.8 views

Vmware Spring gRPC 安全漏洞

Vmware Spring gRPC is an extension component for Spring application development developed by Vmware, a company in the United States. Versions 1.0.0 to 1.0.2 of Vmware Spring gRPC contain security vulnerabilities. These vulnerabilities arise when authenticated users are denied access to gRPC...

8.8CVSS5.8AI score0.00171EPSS
Exploits0References1
OSV
OSV
added 2026/03/25 5:33 p.m.8 views

GHSA-8G29-8XWR-QMHR @grackle-ai/server JSON.parse lacks try-catch logic in its gRPC Service AdapterConfig Handling

Impact JSON.parseenv.adapterConfig is called without error handling in three locations within the gRPC service. While the data originates from the server's own SQLite database and should always be valid JSON, database corruption, migration errors, or unexpected state could cause an unhandled...

2.1CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2025/09/17 8:43 p.m.1 views

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation via the Certificate gRPC service not validating whether the requested IP addresses are associated with the requesting peer. An attacker can obtain valid mTLS certificates for arbitrary IP addresses by...

8.7CVSS7AI score0.00219EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2025/09/17 8:11 p.m.11 views

DragonFly's manager generates mTLS certificates for arbitrary IP addresses

Impact A peer can obtain a valid TLS certificate for arbitrary IP addresses, effectively rendering the mTLS authentication useless. The issue is that the Manager’s Certificate gRPC service does not validate if the requested IP addresses “belong to” the peer requesting the certificate—that is, if...

8.7CVSS7.2AI score0.00219EPSS
Exploits1References5Affected Software2
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-32732

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for -bin...

5.3CVSS6.5AI score0.00527EPSS
Exploits0References3
Prion
Prion
added 2017/05/16 5:29 p.m.23 views

Design/Logic Flaw

A vulnerability in the Event Management Service daemon emsd of Cisco IOS XR routers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. The vulnerability is due to improper handling of gRPC requests. An attacker could exploit this...

7.8CVSS7.5AI score0.02479EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder