58647 matches found
MinIO Operator Console Authentication Bypass
MinIO Console is a graphical user interface for the for MinIO Operator. MinIO itself is a multi-cloud object storage project. Affected versions are subject to an authentication bypass issue in the Operator Console when an external IDP is enabled. id: CVE-2021-41266 info: name: MinIO Operator...
CVE-2026-46604 vulnerabilities
Vulnerabilities for packages: seaweedfs-operator, seaweedfs-fips, listmonk, gitlab-workhorse-ce, seaweedfs, seaweedfs-operator-fips, rclone-fips...
GHSA-QVQC-4C52-X6QP vulnerabilities
Vulnerabilities for packages: gpu-operator, guac, gpu-operator-fips...
CVE-2026-49349 vulnerabilities
Vulnerabilities for packages: gpu-operator, guac, gpu-operator-fips...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: tigera-operator, gitea-fips, zarf, reports-server, terraform, skaffold-fips, kyverno, omnictl-multiarch-fips, opentelemetry-collector, prometheus-fips, kyverno-fips, seaweedfs-rocksdb, gitlab-rails-ce, mattermost, rancher-agent, prometheus-operator, cilium-cli,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: tigera-operator, syft, gitea-fips, datadog-agent-fips, docker-fips, dagger, guac, zarf, policy-controller-fips, kyverno-policy-reporter-plugins-kyverno-fips, reports-server, terraform, wal-g, crossplane-provider-azure-powerbidedicated,...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-elb-fips, zarf, kyverno-policy-reporter-plugins-kyverno-fips, crossplane-provider-aws-s3-fips, skaffold-fips, kyverno, omnictl-multiarch-fips, gitlab-rails-ce, livekit-cli, mattermost, rancher-agent, crossplane-provider-aws-scheduler,...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: tigera-operator, gitea-fips, zarf, reports-server, terraform, skaffold-fips, kyverno, omnictl-multiarch-fips, opentelemetry-collector, prometheus-fips, kyverno-fips, seaweedfs-rocksdb, gitlab-rails-ce, mattermost, rancher-agent, prometheus-operator, cilium-cli,...
GHSA-89GR-R52H-F8RX vulnerabilities
Vulnerabilities for packages: tigera-operator, syft, gitea-fips, datadog-agent-fips, docker-fips, dagger, guac, zarf, policy-controller-fips, kyverno-policy-reporter-plugins-kyverno-fips, reports-server, terraform, wal-g, crossplane-provider-azure-powerbidedicated,...
GHSA-QPW4-5X99-6VJP vulnerabilities
Vulnerabilities for packages: tigera-operator, syft, gitea-fips, datadog-agent-fips, docker-fips, dagger, guac, zarf, reports-server, terraform, wal-g, skaffold-fips, kyverno, omnictl-multiarch-fips, opentelemetry-collector, terragrunt-fips, prometheus-fips, external-secrets-operator, kyverno-fip...
GHSA-Q4H4-GMJ2-QVW2 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-elb-fips, zarf, kyverno-policy-reporter-plugins-kyverno-fips, crossplane-provider-aws-s3-fips, skaffold-fips, kyverno, omnictl-multiarch-fips, gitlab-rails-ce, livekit-cli, mattermost, rancher-agent, crossplane-provider-aws-scheduler,...
GHSA-78MQ-XCR3-XM33 vulnerabilities
Vulnerabilities for packages: tigera-operator, syft, gitea-fips, dagger, guac, zarf, reports-server, terraform, skaffold-fips, kyverno, omnictl-multiarch-fips, opentelemetry-collector, terragrunt-fips, prometheus-fips, external-secrets-operator, kyverno-fips, gitlab-rails-ce, gomplate-fips, cg,...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: argo-cd, prometheus-operator, osv-scanner, loki, vitess, rancher-agent, containerd, skaffold, zarf, gitlab-kas, aactl, chisel, mattermost, k9s, opentelemetry-collector, spire-server, istio, prometheus, knative-serving, kots, kaf, kubernetes, kine, argocd-image-update...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: steampipe, guac, sops, loki, tw, ko, containerd, wal-g, gptscript, crossplane-provider-aws-rds, chisel, eksctl, opentelemetry-collector, step, policy-controller, argo-events, caddy, syft, crossplane-provider-aws-sqs, fscrypt, witness,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: steampipe, guac, sops, loki, ko, containerd, wal-g, gptscript, chisel, eksctl, opentelemetry-collector, step, policy-controller, argo-events, caddy, syft, fscrypt, witness, crossplane-provider-azure-managedidentity, pulumi-language-dotnet, kyverno, rancher, terragrun...
GHSA-JPPX-RXG9-JMRX vulnerabilities
Vulnerabilities for packages: argo-cd, prometheus-operator, loki, vitess, rancher-agent, containerd, buildah, gitlab-kas, aactl, mattermost, opentelemetry-collector, spire-server, istio, prometheus, knative-serving, kots, docker-cli-buildx, kaf, kubernetes, kine, nerdctl, fscrypt, snyk-cli, minio...
GHSA-Q4H4-GMJ2-QVW2 vulnerabilities
Vulnerabilities for packages: steampipe, guac, sops, loki, tw, ko, containerd, wal-g, gptscript, crossplane-provider-aws-rds, chisel, eksctl, opentelemetry-collector, step, policy-controller, argo-events, caddy, syft, crossplane-provider-aws-sqs, fscrypt, witness,...
CVE-2026-9640
A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of project-restriction policies during snapshot restoration.. An authenticated project operator in a restricted multi-tenant environment can bypass policy...
CVE-2026-9640 LXD Snapshot Import Privilege Escalation Vulnerability
A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of project-restriction policies during snapshot restoration.. An authenticated project operator in a restricted multi-tenant environment can bypass policy...
EUVD-2026-39794
A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of project-restriction policies during snapshot restoration.. An authenticated project operator in a restricted multi-tenant environment can bypass policy...