Category: CVSS3 - HIGH
CVE-2021-41803

A flaw was found in HashiCorp Consul, where it is vulnerable to a denial of service caused by improper input validation for the node or segment names. By sending a specially-crafted request, a remote, ...

CVE-2023-27496

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the OAuth filter assumes that a `state` query param ...

CVE-2023-27496

A flaw was found in Envoy. If Envoy is running with the OAuth filter enabled, a malicious actor could construct a request which would cause denial of service, crashing Envoy.

Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.15 Multiple Vulnerabilities (CloudBees Security Advisory 2023-04-12)

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.15. It is, therefore, affected by multiple vulnerabilities including the ...

Fedora 37 : gh / golang-github-cenkalti-backoff / golang-github-cli-crypto / etc (2023-cb20f08a4e)

The remote Fedora 37 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-cb20f08a4e advisory. - A maliciously crafted HTTP/2 stream could cause excessiv ...

[SECURITY] Fedora 37 Update: golang-github-cli-oauth-1.0.1-2.fc37

A library for performing OAuth Device flow and Web application flow in Go client apps.

Security Bulletin: Vulnerability in Apache Kafka may affect IBM Business Automation Workflow – CVE-2023-25194

## Summary IBM Business Automation Workflow packages a copy of the Apache Kafka client library. A security vulnerability has been reported for the same version of Apache Kafka. ## Vulnerability Details ** CV ...

CVE-2023-1725

Server-Side Request Forgery (SSRF) vulnerability in Infoline Project Management System allows Server Side Request Forgery. This issue affects Project Management System: before 4.09.31.125.

Wordfence Intelligence Weekly WordPress Vulnerability Report (Mar 20, 2023 to Mar 26, 2023)

Last week, there were 80 vulnerabilities disclosed in 69 WordPress Plugins and 1 WordPress theme that have been added to the Wordfence Intelligence Vulnerability Database, and there were 31 Vulnerabil ...

Rocky Linux 9 : openssl (RLSA-2023:0946)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0946 advisory. - A read buffer overrun can be triggered in X.509 cer ...
