8 matches found
EUVD-2026-39185
When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a client certificate with that name. However, no client certificate is needed when the request comes in over TLS over the regular tls-port and not the tls-auth-port or over over TCP over the regular...
Exploit for Missing Authentication for Critical Function in Cpanel
CVE-2026-41940 — WHM/cPanel Kimlik Doğrulama Atlama Araştırma...
EUVD-2022-41782
Malicious code in bioql PyPI...
GHSA-PG75-V6FP-8Q59 Keylime's registrar vulnerable to Denial-of-service attack via a single open connection
Impact Keylime registrar is prone to a simple denial of service attack in which an adversary opens a connection to the TLS port by default, port 8891 blocking further, legitimate connections. As long as the connection is open, the registrar is blocked and cannot serve any further clients agents a...
CVE-2022-39278
CVE-2022-39278 affects Istio across multiple releases (notably Istio 1.15.2, 1.14.5, 1.13.9) where the control plane istiod is vulnerable to a request-processing error caused by an inefficient Go regexp.Compile, leading to a crash when a specially crafted or oversized message is sent to the publi...
Oracle Linux 7 / 8 : olcne / istio / istio (ELSA-2022-9362)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9362 advisory. - Addresses CVE-2022-24726, CVE-2022-24921 istio Tenable has extracted the preceding description block directly from the Oracle Linux security...
Oracle Linux 7 / 8 : olcne / istio / istio (ELSA-2022-9363)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9363 advisory. - Addresses CVE-2022-24726, CVE-2022-24921 istio Tenable has extracted the preceding description block directly from the Oracle Linux security...
GHSA-856Q-XV3C-7F2F Unauthenticated control plane denial of service attack in Istio
Impact The Istio control plane, istiod, is vulnerable to a request processing error, allowing a malicious attacker that sends a specially crafted message which results in the control plane crashing. This endpoint is served over TLS port 15012, but does not require any authentication from the...