Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication through the Milvus Proxy component, which skips the source ID check. An attacker can gain full administrative access to the cluster, allowing them to read, modify, or delete data and perform privileged operations...

CVE-2025-64513

Milvus is an open-source vector database built for generative AI applications. An unauthenticated attacker can exploit a vulnerability in versions prior to 2.4.24, 2.5.21, and 2.6.5 to bypass all authentication mechanisms in the Milvus Proxy component, gaining full administrative access to the...

CVE-2025-64513 Milvus Proxy has Critical Authentication Bypass Vulnerability

Milvus is an open-source vector database built for generative AI applications. An unauthenticated attacker can exploit a vulnerability in versions prior to 2.4.24, 2.5.21, and 2.6.5 to bypass all authentication mechanisms in the Milvus Proxy component, gaining full administrative access to the...

PT-2024-40008 · Nginx · Nginx

Name of the Vulnerable Software and Affected Versions: No specific software name or version is mentioned, so the description is not applicable in this section. Description: A potential hostname injection issue has been discovered, which could allow attackers to alter URL resolution. If a request...

SUSE CVE-2020-13986

An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rplremoveheader in net/rpl/rpl-ext-header.c...

CVE-2020-13986

An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rplremoveheader in net/rpl/rpl-ext-header.c...