Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
load balancer vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-47124
Traefik is an open source HTTP reverse proxy and load balancer. When Traefik is configured to use the `HTTPChallenge` to generate and renew the Let's Encrypt TLS certificates, the delay authorized to solve the challenge (50 seconds) can be exploited by malicious users to ach...
Traefik Traefik 3.0.0
Traefik Traefik
NA
CVE-2022-46153
Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in Traefik managing TLS connections. A router configured with a not well-formatted TLSOption is exposed with an empty TLSOption. For instance, a route secured u...
Traefik Traefik
NA
CVE-2023-47107
PILOS is an open source front-end for BigBlueButton servers with a built-in load balancer. The password reset component deployed within PILOS uses the hostname supplied within the request host header when building a password reset URL. It may be possible to manipulate the URL sen...
Thm Pilos
449
VMScore
CVE-2021-41277
Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map (`admin->settings->maps->custom maps->add a map`) support and potential local file inclusion (including environment variables). UR...
Metabase Metabase 0.40.0
Metabase Metabase 0.40.1
Metabase Metabase 0.40.2
Metabase Metabase 0.40.3
Metabase Metabase 0.40.4
Metabase Metabase 1.40.0
Metabase Metabase 1.40.1
Metabase Metabase 1.40.2
Metabase Metabase 1.40.3
Metabase Metabase 1.40.4
15 Github repositories
445
VMScore
CVE-2018-12121
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to...
Nodejs Node.js
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.6
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Server Aus 8.4
1 Github repository
NA
CVE-2023-47106
Traefik is an open source HTTP reverse proxy and load balancer. When a request is sent to Traefik with a URL fragment, Traefik automatically URL encodes and forwards the fragment to the backend server. This violates RFC 7230 because in the origin-form the URL should only contain ...
Traefik Traefik 3.0.0
Traefik Traefik
NA
CVE-2022-23469
Traefik is an open source HTTP reverse proxy and load balancer. Versions before 2.9.6 are subject to a potential vulnerability in Traefik displaying the Authorization header in its debug logs. In certain cases, if the log level is set to DEBUG, credentials provided using the Auth...
Traefik Traefik
446
VMScore
CVE-2019-5737
In Node.js including 6.x prior to 6.17.0, 8.x prior to 8.15.1, 10.x prior to 10.15.2, and 11.x prior to 11.10.1, an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly. This keeps the conne...
Nodejs Node.js
Opensuse Leap 42.3
312
VMScore
CVE-2021-25740
A security issue exists with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack.
Kubernetes Kubernetes -
NA
CVE-2023-47112
Rundeck is an open source automation service with a web console, command line tools and a WebAPI. In affected versions access to two URLs used in both Rundeck Open Source and Process Automation products could allow authenticated users to access the URL path, which provides a list...
Pagerduty Rundeck
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »