
19139 matches found

RedHat Linux
added 2026/01/28 12:38 a.m., 2 views

kernel: KVM: arm64: Tear down vGIC on failed vCPU creation

A use-after-free flaw was found in KVM for arm64 in the Linux kernel, triggered if kvm_arch_vcpu_create fails to share the vCPU page with the hypervisor. This vulnerability could even lead to a kernel information leak problem...

CVSS 7.8, AI score 5.8, EPSS 0.00234
Exploits 0, References 5

Positive Technologies
added 2026/01/28 12:0 a.m., 7 views

PT-2026-5238

A weakness has been identified in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/course/controller.php. Executing a manipulation of the argument ID can lead to SQL injection. The attack can be executed remotely. The exploit has been made available to...

CVSS 6.5, AI score 5.8, EPSS 0.0037
Exploits 1, References 7

CNNVD
added 2026/01/28 12:0 a.m., 6 views

SmartBlog security vulnerabilities

SmartBlog is a blog module developed by Muhammad Arifur Rahman. Version 2.0.1 of SmartBlog has a security vulnerability, which stems from blind SQL injection in the details controller’s idpost parameter, potentially allowing access to database information...

CVSS 8.8, AI score 5.8, EPSS 0.00282
Exploits 1, References 3

CNNVD
added 2026/01/28 12:0 a.m., 7 views

Gear Box Computers Program Access Controller code-related vulnerabilities

Gear Box Computers Program Access Controller is a program access controller developed by Gear Box Computers. Version 1.2.0.0 of the Gear Box Computers Program Access Controller contains a code vulnerability. This vulnerability stems from the PACService.exe file having a service path that is not...

CVSS 8.5, AI score 5.9, EPSS 0.00157
Exploits 0, References 3

Positive Technologies
added 2026/01/28 12:0 a.m., 4 views

PT-2026-5163

Name of the Vulnerable Software and Affected Versions: SmartBlog version 2.0.1. Description: The software contains a blind SQL injection issue in the id post parameter of the details controller. This allows attackers to extract database information by injecting crafted SQL queries that compare...

CVSS 8.8, AI score 5.6, EPSS 0.00282
Exploits 1, References 5

OSV
added 2026/01/27 6:1 p.m., 4 views

GHSA-8P9X-46GM-QFX2 Kyverno Cross-Namespace Privilege Escalation via Policy apiCall

Summary: A critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no enforcement that the request is limited to the policy’s namespace. As a result, any authenticated user with...

CVSS 9.9, AI score 6, EPSS 0.00516
Exploits 1, References 5

Snyk
added 2026/01/27 6:1 p.m., 3 views

Server-side Request Forgery (SSRF)

Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via apiCall. An attacker can gain unauthorized access to sensitive resources and escalate privileges via malicious urlPath values that cause the system to perform Kubernetes API requests outside the...

CVSS 9.9, AI score 5.9, EPSS 0.00516
Exploits 1, References 2

Snyk
added 2026/01/27 6:1 p.m., 3 views

Server-side Request Forgery (SSRF)

Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via apiCall. An attacker can gain unauthorized access to sensitive resources and escalate privileges via malicious urlPath values that cause the system to perform Kubernetes API requests outside the...

CVSS 9.9, AI score 5.9, EPSS 0.00516
Exploits 1, References 2

Github Security Blog
added 2026/01/27 6:1 p.m., 16 views

Kyverno Cross-Namespace Privilege Escalation via Policy apiCall

Summary: A critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no enforcement that the request is limited to the policy’s namespace. As a result, any authenticated user with...

CVSS 9.9, AI score 6, EPSS 0.00516
Exploits 1, References 5, Affected Software 1

EUVD
added 2026/01/27 4:7 p.m., 4 views

EUVD-2026-4811

Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have a critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no...

CVSS 9.9, AI score 5.9, EPSS 0.00516
Exploits 1, References 3

ATTACKERKB
added 2026/01/27 4:7 p.m., 3 views

CVE-2026-22039

Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have a critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no...

CVSS 9.9, AI score 5.9, EPSS 0.00516
Exploits 1, References 4, Affected Software 1

Vulnrichment
added 2026/01/27 4:7 p.m., 3 views

CVE-2026-22039 Kyverno Cross-Namespace Privilege Escalation via Policy apiCall

Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have a critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no...

CVSS 9.9, AI score 5.9, EPSS 0.00516
Exploits 1, References 3

Cvelist
added 2026/01/27 4:7 p.m., 20 views

CVE-2026-22039 Kyverno Cross-Namespace Privilege Escalation via Policy apiCall

Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have a critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no...

CVSS 9.9, EPSS 0.00516
Exploits 1, References 3

OSV
added 2026/01/27 4:7 p.m., 7 views

CVE-2026-22039 Kyverno Cross-Namespace Privilege Escalation via Policy apiCall

Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have a critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no...

CVSS 9.9, AI score 5.9, EPSS 0.00516
Exploits 1, References 5

Tenable Nessus
added 2026/01/27 12:0 a.m., 2 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005075)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005075 advisory. In the Linux kernel, the following vulnerability has been resolved: eth: sungem: remove .ndo_poll_controller to avoid deadlocks. Erhard reports netpoll warnings from...

CVSS 5.5, AI score 6.7, EPSS 0.00178
Exploits 0, References 3

Github Security Blog
added 2026/01/26 11:26 p.m., 6 views

Skipper Ingress Controller Allows Unauthorized Access to Internal Services via ExternalName

Impact: When running Skipper as an Ingress controller, users with permissions to create an Ingress and a Service of type ExternalName can create routes that enable them to use Skipper's network access to reach internal services. Patches: https://github.com/zalando/skipper/releases/tag/v0.24.0...

CVSS 8.1, AI score 5.9, EPSS 0.00267
Exploits 0, References 6, Affected Software 1

Vulnrichment
added 2026/01/26 10:23 p.m., 4 views

CVE-2026-24470 Skipper Ingress Controller Allows Unauthorized Access to Internal Services via ExternalName

Skipper is an HTTP router and reverse proxy for service composition. Prior to version 0.24.0, when running Skipper as an Ingress controller, users with permissions to create an Ingress and a Service of type ExternalName can create routes that enable them to use Skipper's network access to reach...

CVSS 8.1, AI score 5.9, EPSS 0.00267
Exploits 0, References 3

ATTACKERKB
added 2026/01/26 10:23 p.m., 3 views

CVE-2026-24470

Skipper is an HTTP router and reverse proxy for service composition. Prior to version 0.24.0, when running Skipper as an Ingress controller, users with permissions to create an Ingress and a Service of type ExternalName can create routes that enable them to use Skipper's network access to reach...

CVSS 8.1, AI score 5.9, EPSS 0.00267
Exploits 0, References 4, Affected Software 1

CVE
added 2026/01/26 10:23 p.m., 16 views

CVE-2026-24470

CVE-2026-24470 affects the Skipper HTTP router/reverse proxy. Before v0.24.0, when Skipper runs as an Ingress controller, users with Ingress and ExternalName Service permissions could create routes enabling Skipper’s network access to reach internal services. The issue is mitigated by disabling K...

CVSS 8.1, AI score 5.9, EPSS 0.00267
Exploits 0, References 3, Affected Software 1

Vulnrichment
added 2026/01/26 7:35 p.m., 5 views

CVE-2025-9522 Blind Server-Side Request Forgery (SSRF) in Omada Controller

Blind Server-Side Request Forgery (SSRF) in Omada Controllers through webhook functionality, enabling crafted requests to internal services, which may lead to enumeration of information...

CVSS 5.1, AI score 5.3, EPSS 0.00243
Exploits 0, References 2