7 matches found
BIT-CILIUM-2024-47825 CIDR deny policies may not take effect when a more narrow CIDR allow is present
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.16 and 1.15.10, a policy rule denying a prefix that is broader than /32 may be ignored if there is a policy rule referencing a more narrow prefix CIDRSe...
PT-2024-32836 · Cilium +1 · Cilium +1
Name of the Vulnerable Software and Affected Versions: Cilium versions 1.14.0 through 1.14.15 Cilium versions 1.15.0 through 1.15.9 Description: A policy rule denying a prefix that is broader than /32 may be ignored if there is a policy rule referencing a more narrow prefix CIDRSet or toFQDN and...
HashiCorp Consul: Multiple Vulnerabilities
Background HashiCorp Consul is a tool for service discovery, monitoring and configuration. Description Multiple vulnerabilities have been found in HashiCorp Consul. Please review the CVE identifiers referenced below for details. Impact Please review the CVE identifiers referenced below for detail...
UBUNTU-CVE-2024-42472
Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...
CVE-2024-42472 Flatpak may allow access to files outside sandbox for certain apps
Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...
Google Kubernetes API Server Resource Management Error Vulnerability
Google Kubernetes is an open source Docker container cluster management system from Google. The system provides resource scheduling, deployment, service discovery, and scaling functions for containerized applications.API server is one of the API Application Programming Interface server. A resourc...
GigToDo 1.3 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: GigToDo - Freelance Marketplace Script v1.3 Persistent XSS Injection Author: m0ze Vendor Homepage: https://www.gigtodoscript.com Software Link: https://codecanyon.net/item/gigtodo-freelance-marketplace-script/23855397 Version: =...