49 matches found
EUVD-2019-0094
Malware in sbrugna...
CVE-2025-10255
A vulnerability was determined in Ascensio System SIA OnlyOffice up to 12.7.0. Impacted is an unknown function of the file /Products/Projects/Messages.aspx of the component Comment Handler. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit h...
Linux Distros Unpatched Vulnerability : CVE-2019-10856
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists because of an incomplete fix for CVE-2019-10255...
CVE-2025-46599
CNCF K3s 1.32 before 1.32.4-rc1+k3s1 has a Kubernetes kubelet configuration change with the unintended consequence that, in some situations, ReadOnlyPort is set to 10255. For example, the default behavior of a K3s online installation might allow unauthenticated access to this port, exposing...
PT-2025-17879 · Cncf · K3S
Name of the Vulnerable Software and Affected Versions: CNCF K3s versions 1.32 through 1.32.4-rc1+k3s1
Description: The issue arises from a Kubernetes kubelet configuration change which, in certain situations, sets ReadOnlyPort to 10255. This could potentially allow unauthenticated access to this...
Linux Distros Unpatched Vulnerability : CVE-2016-10255
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted (1) sh_off or...
CVE-2020-10255
creationtimestamp | type | source
---|---|---
2024-10-10 02:45:34+00:00 | published-proof-of-concept | https://t.me/CyberSecurityTechnologies/779...
F5 Networks BIG-IP : Rowhammer hardware vulnerability (K60570139)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K60570139 advisory. - Modern DRAM chips (DDR4 and LPDDR4 after 2015) are affected by a vulnerability in deployment of internal mitigations...
SUSE CVE-2020-8551
The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on...
Mageia: Security Advisory (MGASA-2022-0323)
The remote host is missing an update for the...
USN-5585-1: Jupyter Notebook vulnerabilities
It was discovered that Jupyter Notebook incorrectly handled certain notebooks. An attacker could possibly use this issue of lack of Content Security Policy in Nbconvert to perform cross-site scripting (XSS) attacks on the notebook server. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-19351) It...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Jupyter Notebook vulnerabilities (USN-5585-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5585-1 advisory. It was discovered that Jupyter Notebook incorrectly handled certain notebooks. An attacker could possibly use this issue of lack ...
GHSA-QHM4-JXV7-J9PQ Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes
The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on...
Mageia: Security Advisory (MGASA-2018-0027)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2019:1733-1)
The remote host is missing an update for the...
DEBIAN-CVE-2020-8551
The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on...
CVE-2020-8551
The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on...
Denial Of Service (DoS)
github.com/kubernetes/kubernetes is vulnerable to denial of service. A remote attacker is able to crash the application via a malicious request to the unauthenticated HTTP read-only API that is typically served on port 10255, and the authenticated HTTPS API typically served on port 10250...
PT-2020-20203 · Kubernetes +1 · Kubernetes +1
Name of the Vulnerable Software and Affected Versions:
Kubernetes versions 1.15.0 through 1.15.9
Kubernetes versions 1.16.0 through 1.16.6
Kubernetes versions 1.17.0 through 1.17.2
Description: The Kubelet component has been found to be vulnerable to a denial of service attack via the kubelet API...