Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. Prior to 1.5.7 and 1.6.2, EnvoyExtensionPolicy Lua scripts executed by Envoy p
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, a logic vulnerability in Envoy's HTTP connection manager (FilterManager) that allows for Zombie Str
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In versions below 1.32.10 and 1.33.0 through 1.33.6, 1.34.0 through 1.34.4 and 1.35.0,
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability through an url parameter of an authenticated enpoint in Enphase IQ Gateway (formerly known as Envoy) a
A flaw was found in OpenShift Service Mesh 2.6.3 and 2.5.6. Rate-limiter avoidance, access-control bypass, CPU and memory exhaustion, and replay attacks may be possible due to improper HTTP header san
A vulnerability in the Transport Layer Security (TLS) protocol implementation of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attack
Consul and Consul Enterprise’s (“Consul”) key/value endpoint is vulnerable to denial of service (DoS) due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in
A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could allow an unauthenticated, remote attacker to cause high CPU utiliza
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules.
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected d
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability via the url parameter of an authenticated enpoint in Enphase IQ Gateway (formerly known as Enphase) al
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.
A race condition in the shared Extreme Platform ONE IAM Gateway API-key authentication path could, under specific high-concurrency traffic conditions, intermittently allow requests authenticated with
Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, he fix for no_proxy hostname normalization bypass is incomplete. When no_proxy=localhost is set, requests
Improper handling of non-200 http responses in the PingFederate Google Adapter leads to thread exhaustion under normal usage conditions.
Improper Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') in Delinea Inc. Cloud Suite and Privileged Access Service. If you're not using the latest Server Suite agents, this fi
Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.31.0, Axios does not correctly handle hostname normalization when checking NO_PROXY rules. Requests to loopback
A lack of proper input validation in the HTTP processing path in TP-Link Archer BE230 v1.2 (web modules) may allow a crafted request to cause the device’s web service to become unresponsive, resulting
A weakness has been identified in Envoy up to 1.33.0. Affected is the function params.add of the file source/extensions/filters/http/header_mutation/header_mutation.cc of the component Query Parameter
CVE-2024-21878
CRITICAL CVSS 9.2
Find Similar
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Enphase IQ Gateway (formerly known as Envoy) allows OS Command Injection. This vulnerability is pre