32409 matches found
CVE-2025-62338
The HCL BigFix Cloud Lifecycle Management is affected by Lack Of Input Validation. It may leads to an information exposure vulnerability. This low-level flaw allows unauthorized access...
GHSA-W2Q5-6Q6X-X959 vulnerabilities
Vulnerabilities for packages: cloud-sql-proxy, aws-otel-collector, stern, kube-rbac-proxy, terraform-provider-grafana, terraform-provider-time, grafana, ipfs-cluster, rancher-webhook, gitlab-runner...
CVE-2026-39821 vulnerabilities
Vulnerabilities for packages: cloud-sql-proxy, aws-otel-collector, stern, kube-rbac-proxy, terraform-provider-grafana, terraform-provider-time, grafana, ipfs-cluster, rancher-webhook, gitlab-runner...
GHSA-W2Q5-6Q6X-X959 vulnerabilities
Vulnerabilities for packages: cloud-sql-proxy, flux-fips, cass-operator-fips, rancher-webhook, kubelet-csr-approver-fips, neuvector-sigstore-interface-fips, grafana-fips, databricks-cli, databricks-cli-fips, ipfs-cluster, stern, terraform-provider-time, kyverno-fips, seaweedfs-rocksdb,...
CVE-2025-62338
The HCL BigFix Cloud Lifecycle Management is affected by Lack Of Input Validation. It may leads to an information exposure vulnerability. This low-level flaw allows unauthorized access...
CVE-2025-62338 The HCL BigFix Cloud Lifecycle Management is affected by Lack of Input Validation.
The HCL BigFix Cloud Lifecycle Management is affected by Lack Of Input Validation. It may leads to an information exposure vulnerability. This low-level flaw allows unauthorized access...
EUVD-2025-210065
The HCL BigFix Cloud Lifecycle Management is affected by Lack Of Input Validation. It may leads to an information exposure vulnerability. This low-level flaw allows unauthorized access...
CVE-2025-62338 The HCL BigFix Cloud Lifecycle Management is affected by Lack of Input Validation.
The HCL BigFix Cloud Lifecycle Management is affected by Lack Of Input Validation. It may leads to an information exposure vulnerability. This low-level flaw allows unauthorized access...
CVE-2026-10843
A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential compromise...
CVE-2026-10843
OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS allow operator credentials to have account-wide permissions for destructive actions, rather than being restricted to cluster-owned resources. This enables cross-scope impact after credential compromise. The CVE-2026-10843 entry do...
EUVD-2026-34249
A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential compromise...
CVE-2026-10843
A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential compromise...
CVE-2026-10843 Cloud-credential-operator: cco mint-mode credentialsrequest manifests grant account-wide iam access beyond cluster scope on aws
A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential compromise...
CVE-2026-10843 Cloud-credential-operator: cco mint-mode credentialsrequest manifests grant account-wide iam access beyond cluster scope on aws
A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential compromise...
CVE-2026-10843
A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential compromise...
EUVD-2026-34231
Fixed AES-128-CBC keys inside the AcerConnect OTA application let attackers forge authorization credentials for arbitrary IMEI numbers. This allows unauthorized actors to list catalog items and extract protected binaries from pre-signed cloud links...
Hackers Spied on a Stock Exchange Executive's Outlook Mailbox for Five Months
Unknown attackers spent at least five months inside the Outlook mailbox of a senior executive at a major global stock exchange, copying the inbox out in small, repeated batches and routing it through Dropbox and OneDrive so the traffic blended into normal cloud activity. Symantec and Carbon Black...
CVE-2026-49193
Overly permissive configuration settings on cloud storage containers expose active telemetry information publicly to the internet...
CVE-2026-49193
Overly permissive configuration settings on cloud storage containers expose active telemetry information publicly to the internet...
CVE-2026-49193
Technical details about CVE-2026-49193 are not publicly available in the provided documents; monitor for updates from official sources.