Lucene search
K

45 matches found

OSV
OSV
added 2026/03/27 12:0 a.m.2 views

OPENSUSE-SU-2026:10444-1 traefik-3.6.12-1.1 on GA media

These are all security issues fixed in the traefik-3.6.12-1.1 package on the GA media of openSUSE Tumbleweed...

8.3CVSS5.9AI score0.00463EPSS
Exploits1References3
OSV
OSV
added 2025/10/17 8:39 p.m.5 views

BIT-ARGO-WORKFLOWS-2025-62156 argo-workflows Zip Slip path traversal allows arbitrary file write and container configuration overwrite

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 contain a Zip Slip path traversal vulnerability in artifact extraction. During artifact extraction the unpack/untar logic...

8.8CVSS7.2AI score0.00551EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/10/15 9:42 p.m.4 views

CVE-2025-62156

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 contain a Zip Slip path traversal vulnerability in artifact extraction. During artifact extraction the unpack/untar logic...

8.1CVSS6.6AI score0.00551EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/10/15 8:47 p.m.12 views

CVE-2025-62157

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Argo Workflows versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 expose artifact repository credentials in plaintext in workflow-controller pod logs. An attacker with permissio...

8.5CVSS6.1AI score0.00434EPSS
Exploits0References6
NVD
NVD
added 2025/10/14 3:16 p.m.9 views

CVE-2025-62157

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Argo Workflows versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 expose artifact repository credentials in plaintext in workflow-controller pod logs. An attacker with permissio...

8.5CVSS0.00434EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/14 3:6 p.m.10 views

CVE-2025-62157 Argo Workflows exposes artifact repository credentials in workflow-controller logs

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Argo Workflows versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 expose artifact repository credentials in plaintext in workflow-controller pod logs. An attacker with permissio...

8.5CVSS0.00434EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/14 2:52 p.m.15 views

CVE-2025-62156 argo-workflows Zip Slip path traversal allows arbitrary file write and container configuration overwrite

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 contain a Zip Slip path traversal vulnerability in artifact extraction. During artifact extraction the unpack/untar logic...

8.1CVSS0.00551EPSS
Exploits1References4
OSV
OSV
added 2025/10/14 2:52 p.m.6 views

CVE-2025-62156 argo-workflows Zip Slip path traversal allows arbitrary file write and container configuration overwrite

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 contain a Zip Slip path traversal vulnerability in artifact extraction. During artifact extraction the unpack/untar logic...

8.1CVSS7.2AI score0.00551EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.5 views

PT-2025-41938

Name of the Vulnerable Software and Affected Versions Argo Workflows versions prior to 3.6.12 Argo Workflows versions 3.7.0 through 3.7.2 Description Argo Workflows is a container-native workflow engine for Kubernetes. Versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 expose artifact...

8.5CVSS6.5AI score0.00434EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.6 views

PT-2025-41937

Name of the Vulnerable Software and Affected Versions Argo Workflows versions prior to 3.6.12 Argo Workflows versions 3.7.0 through 3.7.2 Description Argo Workflows, a container-native workflow engine for Kubernetes, contains a Zip Slip path traversal issue during artifact extraction. The...

9.8CVSS6.9AI score0.00551EPSS
Exploits1References208
RedhatCVE
RedhatCVE
added 2025/05/22 8:8 a.m.6 views

CVE-2019-10765

iobroker.admin before 3.6.12 allows attacker to include file contents from outside the /log/file1/ directory...

9.8CVSS6.7AI score0.01714EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/12/06 1:7 p.m.12 views

CVE-2024-54213 WordPress WordPress Page Builder – Zion Builder plugin <= 3.6.12 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in zionbuilder.io WordPress Page Builder – Zion Builder allows Stored XSS.This issue affects WordPress Page Builder – Zion Builder: from n/a through 3.6.12...

6.5CVSS6.8AI score0.00243EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/06 1:7 p.m.27 views

CVE-2024-54213 WordPress WordPress Page Builder – Zion Builder plugin <= 3.6.16 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zionbuilder ZionBuilder zionbuilder allows Stored XSS.This issue affects ZionBuilder: from n/a through = 3.6.16...

6.5CVSS0.00243EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/06 12:0 a.m.7 views

PT-2024-36091 · WordPress · Wordpress Page Builder – Zion Builder

Name of the Vulnerable Software and Affected Versions: WordPress Page Builder – Zion Builder versions 3.6.12 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS, where an...

6.5CVSS6.9AI score0.00243EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEV
added 2024/02/08 12:0 a.m.4 views

VulnCheck KEV: CVE-2013-0213

The Samba Web Administration Tool SWAT in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to conduct clickjacking attacks via a 1 FRAME or 2 IFRAME element...

5.1CVSS6.9AI score0.03248EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/08/18 12:0 a.m.6 views

phplist 安全漏洞

phplist is a suite of open source newsletter and email marketing software from UK-based phplist. A security vulnerability exists in phplist version 3.6.12, which stems from the presence of an access error that allows manipulation and editing of the system super administrator's data, which could...

6.7CVSS6.5AI score0.00343EPSS
Exploits1References4
OSV
OSV
added 2023/06/05 6:30 p.m.2 views

GHSA-9Q9M-C65C-37PQ Reportlab vulnerable to remote code execution

Reportlab up to and including v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file...

7.8CVSS6.2AI score0.02123EPSS
Exploits6References7
ATTACKERKB
ATTACKERKB
added 2023/06/05 4:15 p.m.3 views

CVE-2023-33733

Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file...

7.8CVSS7.2AI score0.02123EPSS
Exploits6References8
OSV
OSV
added 2023/06/05 4:15 p.m.4 views

UBUNTU-CVE-2023-33733

Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file...

7.8CVSS6.2AI score0.02123EPSS
Exploits6References5
Positive Technologies
Positive Technologies
added 2023/04/12 12:0 a.m.9 views

PT-2023-3430 · Wireshark +4 · Wireshark +4

Name of the Vulnerable Software and Affected Versions: Wireshark versions 3.6.0 through 3.6.12 Wireshark versions 4.0.0 through 4.0.4 Description: The issue is related to a large loop in the LISP dissector of Wireshark, which can lead to a denial of service via packet injection or crafted capture...

9.8CVSS7.2AI score0.0462EPSS
Exploits35References187
Rows per page
Query Builder