Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
grpc grpc vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-36155
LengthPrefixedMessageReader in gRPC Swift 1.1.0 and previous versions allocates buffers of arbitrary length, which allows remote malicious users to cause uncontrolled resource consumption and deny service.
Linuxfoundation Grpc Swift 1.0.0
Linuxfoundation Grpc Swift 1.1.0
Linuxfoundation Grpc Swift 1.1.1
7.5
CVSSv3
CVE-2021-36153
Mismanaged state in GRPCWebToHTTP2ServerCodec.swift in gRPC Swift 1.1.0 and 1.1.1 allows remote malicious users to deny service by sending malformed requests.
Linuxfoundation Grpc Swift 1.1.0
Linuxfoundation Grpc Swift 1.1.1
5.3
CVSSv3
CVE-2023-32732
gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recom...
Grpc Grpc
Fedoraproject Fedora 37
Fedoraproject Fedora 38
7.5
CVSSv3
CVE-2022-24777
grpc-swift is the Swift language implementation of gRPC, a remote procedure call (RPC) framework. Prior to version 1.7.2, a grpc-swift server is vulnerable to a denial of service attack via a reachable assertion. This is due to incorrect logic when handling GOAWAY frames. The att...
Linuxfoundation Grpc Swift
7.5
CVSSv3
CVE-2019-1711
A vulnerability in the Event Management Service daemon (emsd) of Cisco IOS XR Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of gRPC requests. An atta...
Cisco Ios Xr
7.5
CVSSv3
CVE-2017-3876
A vulnerability in the Event Management Service daemon (emsd) of Cisco IOS XR routers could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to improper handling of gRPC requests. An atta...
Cisco Ios Xr 6.1.0
Cisco Ios Xr 6.1.1
7.5
CVSSv3
CVE-2017-12270
A vulnerability in the gRPC code of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition when the emsd service stops. The vulnerability is due to the...
Cisco Ios Xr -
5.3
CVSSv3
CVE-2023-0296
The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health checks port (9979) on etcd grpc-proxy component. Even though the CVE-2016-2183 has been fixed in the etcd components, to enable periodic health checks from kubelet, it was necessary ...
Redhat Openshift 4.11
7.5
CVSSv3
CVE-2021-28682
An issue exists in Envoy up to and including 1.71.1. There is a remotely exploitable integer overflow in which a very large grpc-timeout value leads to unexpected timeout calculations.
Envoyproxy Envoy 1.14.6
Envoyproxy Envoy 1.15.3
Envoyproxy Envoy 1.16.2
Envoyproxy Envoy 1.17.1
9.8
CVSSv3
CVE-2024-25089
Malwarebytes Binisoft Windows Firewall Control prior to 6.9.9.2 allows remote malicious users to execute arbitrary code via gRPC named pipes.
Malwarebytes Binisoft Windows Firewall Control
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »