Lucene search
K

25 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-24833

Malware in sbrugna...

8.6CVSS8.7AI score0.01788EPSS
Exploits0References2
OSV
OSV
added 2024/07/01 11:14 a.m.17 views

BIT-HUBBLE-UI-2024-37307

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.0 and prior to versions 1.13.7, 1.14.12, and 1.15.6, the output of cilium-bugtool can contain sensitive data when the tool is run with the --envoy-dump flag set against Cilium...

7.9CVSS6.7AI score0.0018EPSS
Exploits0References7
OSV
OSV
added 2024/07/01 11:14 a.m.11 views

BIT-HUBBLE-UI-BACKEND-2024-37307

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.0 and prior to versions 1.13.7, 1.14.12, and 1.15.6, the output of cilium-bugtool can contain sensitive data when the tool is run with the --envoy-dump flag set against Cilium...

7.9CVSS6.7AI score0.0018EPSS
Exploits0References7
OSV
OSV
added 2024/07/01 11:10 a.m.20 views

BIT-CILIUM-PROXY-2024-37307

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.0 and prior to versions 1.13.7, 1.14.12, and 1.15.6, the output of cilium-bugtool can contain sensitive data when the tool is run with the --envoy-dump flag set against Cilium...

7.9CVSS6.7AI score0.0018EPSS
Exploits0References7
OSV
OSV
added 2024/06/26 7:20 p.m.20 views

BIT-HUBBLE-RELAY-2024-37307 Cilium leaks sensitive information in cilium-bugtool

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.0 and prior to versions 1.13.7, 1.14.12, and 1.15.6, the output of cilium-bugtool can contain sensitive data when the tool is run with the --envoy-dump flag set against Cilium...

7.9CVSS6.7AI score0.0018EPSS
Exploits0References8
OSV
OSV
added 2024/06/17 7:16 a.m.24 views

BIT-CILIUM-2024-37307 Cilium leaks sensitive information in cilium-bugtool

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.0 and prior to versions 1.13.7, 1.14.12, and 1.15.6, the output of cilium-bugtool can contain sensitive data when the tool is run with the --envoy-dump flag set against Cilium...

7.9CVSS6.7AI score0.0018EPSS
Exploits0References8
OSV
OSV
added 2024/06/17 7:16 a.m.18 views

BIT-CILIUM-OPERATOR-2024-37307 Cilium leaks sensitive information in cilium-bugtool

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.0 and prior to versions 1.13.7, 1.14.12, and 1.15.6, the output of cilium-bugtool can contain sensitive data when the tool is run with the --envoy-dump flag set against Cilium...

7.9CVSS6.7AI score0.0018EPSS
Exploits0References8
OSV
OSV
added 2024/06/13 7:29 p.m.13 views

GHSA-WH78-7948-358J Cilium leaks sensitive information in cilium-bugtool

Impact The output of cilium-bugtool can contain sensitive data when the tool is run with the --envoy-dump flag set against Cilium deployments with the Envoy proxy enabled. Users of the following features are affected: - TLS inspection - Ingress with TLS termination - Gateway API with TLS...

7.9CVSS6.8AI score0.0018EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2024/06/13 7:29 p.m.28 views

Cilium leaks sensitive information in cilium-bugtool

Impact The output of cilium-bugtool can contain sensitive data when the tool is run with the --envoy-dump flag set against Cilium deployments with the Envoy proxy enabled. Users of the following features are affected: - TLS inspection - Ingress with TLS termination - Gateway API with TLS...

7.9CVSS6.7AI score0.0018EPSS
Exploits0References10Affected Software1
NVD
NVD
added 2024/06/13 4:15 p.m.35 views

CVE-2024-37307

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.0 and prior to versions 1.13.7, 1.14.12, and 1.15.6, the output of cilium-bugtool can contain sensitive data when the tool is run with the --envoy-dump flag set against Cilium...

7.9CVSS0.0018EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/06/13 4:9 p.m.14 views

CVE-2024-37307 Cilium leaks sensitive information in cilium-bugtool

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.0 and prior to versions 1.13.7, 1.14.12, and 1.15.6, the output of cilium-bugtool can contain sensitive data when the tool is run with the --envoy-dump flag set against Cilium...

7.9CVSS6.6AI score0.0018EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/06/13 4:9 p.m.40 views

CVE-2024-37307 Cilium leaks sensitive information in cilium-bugtool

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.0 and prior to versions 1.13.7, 1.14.12, and 1.15.6, the output of cilium-bugtool can contain sensitive data when the tool is run with the --envoy-dump flag set against Cilium...

7.9CVSS0.0018EPSS
Exploits0References7
CVE
CVE
added 2024/06/13 4:9 p.m.320 views

CVE-2024-37307

Summary: CVE-2024-37307 affects Cilium’s cilium-bugtool when run with --envoy-dump against deployments with Envoy enabled. Affected versions: prior to 1.13.7, 1.14.12, and 1.15.6 (i.e., versions 1.13.0–1.13.6, 1.14.0–1.14.11, 1.15.0–1.15.5). Root cause/impact: the tool’s output could contain sens...

7.9CVSS7.5AI score0.0018EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2024/06/13 4:9 p.m.17 views

CVE-2024-37307 Cilium leaks sensitive information in cilium-bugtool

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.0 and prior to versions 1.13.7, 1.14.12, and 1.15.6, the output of cilium-bugtool can contain sensitive data when the tool is run with the --envoy-dump flag set against Cilium...

7.9CVSS7.3AI score0.0018EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2021/05/13 12:0 a.m.49 views

Cisco Firepower 2100 Series SSL/TLS Inspection DoS (cisco-sa-ftd-ssl-dcrpt-dos-RYEkX4yy)

According to its self-reported version, the SSL/TLS inspection of Cisco Firepower Threat Defense FTD Software for Cisco Firepower 2100 Series firewalls is affected by denial of service vulnerability due to improper input validation for certain fields of specific SSL/TLS messages. An...

8.6CVSS7.9AI score0.01788EPSS
Exploits0References3
Prion
Prion
added 2020/10/21 7:15 p.m.20 views

Input validation

A vulnerability in the SSL/TLS inspection of Cisco Firepower Threat Defense FTD Software for Cisco Firepower 2100 Series firewalls could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper input validatio...

7.1CVSS8.3AI score0.01788EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2020/10/21 6:41 p.m.10 views

CVE-2020-3562 Cisco Firepower 2100 Series SSL/TLS Inspection Denial of Service Vulnerability

A vulnerability in the SSL/TLS inspection of Cisco Firepower Threat Defense FTD Software for Cisco Firepower 2100 Series firewalls could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper input validatio...

8.6CVSS7.1AI score0.01788EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/10/21 6:41 p.m.28 views

CVE-2020-3562 Cisco Firepower 2100 Series SSL/TLS Inspection Denial of Service Vulnerability

A vulnerability in the SSL/TLS inspection of Cisco Firepower Threat Defense FTD Software for Cisco Firepower 2100 Series firewalls could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper input validatio...

8.6CVSS8.5AI score0.01788EPSS
Exploits0References1
Cisco
Cisco
added 2020/10/21 4:0 p.m.34 views

Cisco Firepower 2100 Series SSL/TLS Inspection Denial of Service Vulnerability

A vulnerability in the SSL/TLS inspection of Cisco Firepower Threat Defense FTD Software for Cisco Firepower 2100 Series firewalls could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper input validatio...

8.6CVSS8.5AI score0.01788EPSS
Exploits0References1
Kitploit
Kitploit
added 2020/09/04 12:30 p.m.78 views

SNIcat - Server Name Indication Concatenator

SNIcat is a proof of concept tool that performs data exfiltration, utilizing a covert channel method via. Server Name Indication , a TLS Client Hello Extension. The tool consists of an agent which resides on the compromised internal host, and a Command &Control Server which controls the agent and...

7.5AI score
Exploits0References2
Rows per page
Query Builder