Oracle Linux 8 : grafana (ELSA-2021-3771)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2021-3771 advisory. - resolve CVE-2021-39226 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested...

Async-h1 request smuggling possible with long unread bodies

Impact This vulnerability affects any webserver that uses async-h1 behind a reverse proxy, including all such Tide applications. If the server does not read the body of a request which is longer than some buffer length, async-h1 will attempt to read a subsequent request from the body content...

GHSA-4VR9-8CJF-VF9C Async-h1 request smuggling possible with long unread bodies

Impact This vulnerability affects any webserver that uses async-h1 behind a reverse proxy, including all such Tide applications. If the server does not read the body of a request which is longer than some buffer length, async-h1 will attempt to read a subsequent request from the body content...

CVE-2021-39226

Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "publicmode" configurati...

CVE-2021-39226 Snapshot authentication bypass in grafana

Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "publicmode" configurati...

CVE-2021-39226

Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "publicmode" configurati...

Fedora: Security Advisory for haproxy (FEDORA-2021-b4bcf9141d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

emp3r0r

It is an offensive tool for Linux systems. The tool is called emp3r0r, a Linux post-exploitation framework made by a user named jm33-ng. It is designed to provide a better experience for remote administration on Linux systems, particularly for terminal-based interactions. The framework is written...

[SECURITY] Fedora 35 Update: haproxy-2.4.4-1.fc35

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...

VMware vCenter Server Reverse Proxy Bypass Vulnerability

VMware vCenter Server is a suite of server and virtualization management software from Vmware, Inc. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructures. vCenter Server is vulnerable to a rever...

CVE-2021-22006

The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to access restricted endpoints...

CVE-2021-22006

The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to access restricted endpoints...

Authentication flaw

The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to access restricted endpoints...

CVE-2021-22006

VMware vCenter Server CVE-2021-22006 is a reverse proxy/bypass vulnerability arising from how the URI is handled, allowing an unauthenticated attacker with network access to port 443 to access restricted endpoints. Publicly documented details in multiple sources (NVD, CNVD, CVE lists, IBM/NCSC ad...

VMware vCenter Server < 7.0 U2c Multiple Vulnerabilities (VMSA-2021-0020)

The version of VMware vCenter Server installed on the remote host is 7.0 prior to 7.0 U2c. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file upload vulnerability exists in the analytics service of vSphere Server. An unauthenticated, remote attacker can exploit this to...

Vmware VMware vCenter Server 授权问题漏洞

VMware vCenter Server is a suite of server and virtualization management software from Vmware, Inc. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructures. vCenter Server is vulnerable to a rever...

VMware vCenter Server updates address multiple security vulnerabilities

3a. vCenter Server file upload vulnerability CVE-2021-22005 The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. 3b. vCenter Server...

VMSA-2021-0020:VMware vCenter Server updates address multiple security vulnerabilities

Advisory ID:VMSA-2021-0020.2 CVSSv3 Range:4.3-9.8 Issue Date:2021-09-21 Updated On:2025-12-05 CVEs:CVE-2021-21991, CVE-2021-21992, CVE-2021-21993, CVE-2021-22005, CVE-2021-22006, CVE-2021-22007, CVE-2021-22008, CVE-2021-22009, CVE-2021-22010, CVE-2021-22011, CVE-2021-22012, CVE-2021-22013,...

Fedora: Security Advisory for haproxy (FEDORA-2021-cd5ee418f6)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 34 Update: haproxy-2.3.14-1.fc34

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...