107 matches found
CVE-2026-10220 NousResearch hermes-agent skills_tool.py skill_view injection
A vulnerability was determined in NousResearch hermes-agent up to 2026.4.30. Affected is the function servepluginskill/skillview of the file tools/skillstool.py. Executing a manipulation can lead to injection. The attack may be performed from remote. The exploit has been publicly disclosed and ma...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001334)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001334 advisory. Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. Tenable has extracted the preceding description...
CVE-2025-10220
creationtimestamp| type| source ---|---|--- 2025-09-10 15:06:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lyij3xrehn2m 2025-09-11 03:01:48+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3lyjr326whw2w...
CVE-2025-10220 Outdated Third-Party NuGet Packages in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4
Use of Unmaintained Third Party Components CWE-1104 in the NuGet dependency components in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4 on Windows allows a remote attacker to execute arbitrary code or bypass security features via exploitation of vulnerable third-party packages such as...
TencentOS Server 4: kubernetes (TSSA-2024:1093)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1093 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Kubernetes kubelet (CVE-2024-10220)
Summary A vulnerability in Kubernetes kubelet that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2024-10220 DESCRIPTION: Kubernetes kubelet could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper...
Photon OS 5.0: Kubernetes PHSA-2025-5.0-0487
An update of the kubernetes package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0487. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Linux Distros Unpatched Vulnerability : CVE-2024-10220
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29...
Linux Distros Unpatched Vulnerability : CVE-2016-10220
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The gsmakewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service NULL point...
Azure Linux 3.0 Security Update: kubernetes (CVE-2024-10220)
The version of kubernetes installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-10220 advisory. - The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo...
CBL Mariner 2.0 Security Update: kubernetes (CVE-2024-10220)
The version of kubernetes installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-10220 advisory. - The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo...
CVE-2024-10220 affecting package kubernetes for versions less than 1.28.4-14
CVE-2024-10220 affecting package kubernetes for versions less than 1.28.4-14. A patched version of the package is available...
CVE-2024-10220 affecting package kubernetes for versions less than 1.30.3-1
CVE-2024-10220 affecting package kubernetes for versions less than 1.30.3-1. An upgraded version of the package is available that resolves this issue...
OESA-2024-2532 kubernetes security update
Container cluster management. Security Fixes: A vulnerability, which was classified as problematic, was found in Kubernetes up to 1.28.11/1.29.6/1.30.2 Virtualization Software. Affected is an unknown code block of the component gitRepo Volume Handler. Upgrading to version 1.28.12, 1.29.7, 1.30.3 ...
govulncheck-vulndb-0.0.20241209T183251-1.1 on GA media (moderate)
govulncheck-vulndb-0.0.20241209T183251-1.1 on GA media Announcement ID: openSUSE-SU-2024:14567-1 Rating: moderate Cross-References: CVE-2024-10220 CVE-2024-36620 CVE-2024-36621 CVE-2024-36623 CVE-2024-37820 CVE-2024-43784 CVE-2024-45719 CVE-2024-50948 CVE-2024-52003 CVE-2024-52529 CVE-2024-52801...
Mageia: Security Advisory (MGASA-2024-0389)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated kubernetes packages fix security vulnerabilities
A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures...
CVE-2024-10220 vulnerabilities
Vulnerabilities for packages: rancher-webhook, rancher-webhook-fips, argocd-image-updater-fips, argocd-image-updater, local-static-provisioner, aws-efs-csi-driver-fips, ip-masq-agent, kubeflow-pipelines, kubernetes-dns-node-cache, nodetaint, kubernetes-dns-node-cache-fips, k8s-device-plugin,...
CVE-2024-10220
The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2...
AZL-53528 CVE-2024-10220 affecting package kubernetes for versions less than 1.30.3-1
The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2...