Lucene search
K

107 matches found

Cvelist
Cvelist
added 2026/06/01 3:30 a.m.39 views

CVE-2026-10220 NousResearch hermes-agent skills_tool.py skill_view injection

A vulnerability was determined in NousResearch hermes-agent up to 2026.4.30. Affected is the function servepluginskill/skillview of the file tools/skillstool.py. Executing a manipulation can lead to injection. The attack may be performed from remote. The exploit has been publicly disclosed and ma...

7.5CVSS0.00304EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001334)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001334 advisory. Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. Tenable has extracted the preceding description...

9.3CVSS7.6AI score0.05123EPSS
Exploits0References4
Circl
Circl
added 2025/09/10 3:6 p.m.9 views

CVE-2025-10220

creationtimestamp| type| source ---|---|--- 2025-09-10 15:06:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lyij3xrehn2m 2025-09-11 03:01:48+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3lyjr326whw2w...

9.8CVSS4.8AI score0.00686EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/10 12:28 p.m.3 views

CVE-2025-10220 Outdated Third-Party NuGet Packages in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4

Use of Unmaintained Third Party Components CWE-1104 in the NuGet dependency components in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4 on Windows allows a remote attacker to execute arbitrary code or bypass security features via exploitation of vulnerable third-party packages such as...

9.8CVSS7.4AI score0.00686EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.7 views

TencentOS Server 4: kubernetes (TSSA-2024:1093)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1093 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

8.1CVSS7.3AI score0.03001EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/28 10:0 p.m.5 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Kubernetes kubelet (CVE-2024-10220)

Summary A vulnerability in Kubernetes kubelet that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2024-10220 DESCRIPTION: Kubernetes kubelet could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper...

8.1CVSS7.4AI score0.03001EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/21 12:0 a.m.15 views

Photon OS 5.0: Kubernetes PHSA-2025-5.0-0487

An update of the kubernetes package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0487. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

8.1CVSS7AI score0.03001EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2024-10220

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29...

8.1CVSS7AI score0.03001EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2016-10220

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The gsmakewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service NULL point...

5.5CVSS6.4AI score0.01863EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.9 views

Azure Linux 3.0 Security Update: kubernetes (CVE-2024-10220)

The version of kubernetes installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-10220 advisory. - The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo...

8.1CVSS7.3AI score0.03001EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/01/16 12:0 a.m.16 views

CBL Mariner 2.0 Security Update: kubernetes (CVE-2024-10220)

The version of kubernetes installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-10220 advisory. - The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo...

8.1CVSS7.3AI score0.03001EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/01/15 6:22 p.m.11 views

CVE-2024-10220 affecting package kubernetes for versions less than 1.28.4-14

CVE-2024-10220 affecting package kubernetes for versions less than 1.28.4-14. A patched version of the package is available...

8.1CVSS8.4AI score0.03001EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/12/19 12:10 a.m.13 views

CVE-2024-10220 affecting package kubernetes for versions less than 1.30.3-1

CVE-2024-10220 affecting package kubernetes for versions less than 1.30.3-1. An upgraded version of the package is available that resolves this issue...

8.1CVSS6.5AI score0.03001EPSS
Exploits0
OSV
OSV
added 2024/12/13 1:17 p.m.3 views

OESA-2024-2532 kubernetes security update

Container cluster management. Security Fixes: A vulnerability, which was classified as problematic, was found in Kubernetes up to 1.28.11/1.29.6/1.30.2 Virtualization Software. Affected is an unknown code block of the component gitRepo Volume Handler. Upgrading to version 1.28.12, 1.29.7, 1.30.3 ...

8.1CVSS6.8AI score0.03001EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2024/12/12 12:0 a.m.11 views

govulncheck-vulndb-0.0.20241209T183251-1.1 on GA media (moderate)

govulncheck-vulndb-0.0.20241209T183251-1.1 on GA media Announcement ID: openSUSE-SU-2024:14567-1 Rating: moderate Cross-References: CVE-2024-10220 CVE-2024-36620 CVE-2024-36621 CVE-2024-36623 CVE-2024-37820 CVE-2024-43784 CVE-2024-45719 CVE-2024-50948 CVE-2024-52003 CVE-2024-52529 CVE-2024-52801...

8.1CVSS7.4AI score0.03001EPSS
Exploits3
OpenVAS
OpenVAS
added 2024/12/09 12:0 a.m.13 views

Mageia: Security Advisory (MGASA-2024-0389)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.5AI score0.03001EPSS
Exploits1References6
Mageia
Mageia
added 2024/12/06 5:9 p.m.32 views

Updated kubernetes packages fix security vulnerabilities

A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures...

8.1CVSS7AI score0.03001EPSS
Exploits1References4
Chainguard
Chainguard
added 2024/11/22 5:15 p.m.10 views

CVE-2024-10220 vulnerabilities

Vulnerabilities for packages: rancher-webhook, rancher-webhook-fips, argocd-image-updater-fips, argocd-image-updater, local-static-provisioner, aws-efs-csi-driver-fips, ip-masq-agent, kubeflow-pipelines, kubernetes-dns-node-cache, nodetaint, kubernetes-dns-node-cache-fips, k8s-device-plugin,...

8.1CVSS7.2AI score0.03001EPSS
Exploits0
NVD
NVD
added 2024/11/22 5:15 p.m.17 views

CVE-2024-10220

The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2...

8.1CVSS0.03001EPSS
Exploits0References3
OSV
OSV
added 2024/11/22 5:15 p.m.6 views

AZL-53528 CVE-2024-10220 affecting package kubernetes for versions less than 1.30.3-1

The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2...

8.1CVSS7.5AI score0.03001EPSS
Exploits0References1
Rows per page
Query Builder