605 matches found
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.20.4 security update
Important: Red Hat OpenShift GitOps v1.20.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8784 Service-CA annotation removed from argocd-server Service during v1.12.3 - v1.12.4 upgrade path, persists in later versions GITOPS-9549...
CVE-2026-8381
A broken access control vulnerability exists in the TeamViewer DEX Platform On‑Premises prior to version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources intended only for...
EUVD-2026-31420
A broken access control vulnerability exists in the TeamViewer DEX Platform On‑Premises prior to version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources intended only for...
CVE-2026-8381 Broken Access Control in TeamViewer DEX Platform (On Premises)
A broken access control vulnerability exists in the TeamViewer DEX Platform On‑Premises prior to version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources intended only for...
TeamViewer DEX Platform On-Premises Security Vulnerability
The TeamViewer DEX Platform On-Premises is a locally deployed digital employee experience management platform by the German company TeamViewer. Prior to version 9.2 of the TeamViewer DEX Platform On-Premises, there were security vulnerabilities. These vulnerabilities stemmed from incorrect...
PT-2026-42736
A broken access control vulnerability exists in the TeamViewer DEX Platform On‑Premises prior to version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources intended only for...
EUVD-2026-30056
A command injection vulnerability was discovered in TeamViewer DEX Platform On-Premises (formerly 1E DEX Platform On-Premises) prior to version 9.2. Improper input validation allows authenticated users with at least questioner privileges to inject commands in specific instructions. Exploitation could...
CVE-2026-2695
A command injection vulnerability was discovered in TeamViewer DEX Platform On-Premises (formerly 1E DEX Platform On-Premises) prior to version 9.2. Improper input validation allows authenticated users with at least questioner privileges to inject commands in specific instructions. Exploitation could...
CVE-2026-2695 Lack of Server-side validation in Instruction Input in TeamViewer DEX Platform (On-Premises)
A command injection vulnerability was discovered in TeamViewer DEX Platform On-Premises (formerly 1E DEX Platform On-Premises) prior to version 9.2. Improper input validation allows authenticated users with at least questioner privileges to inject commands in specific instructions. Exploitation could...
Argo Affected by SSO RBAC Delegation Nil Pointer Dereference DoS (gatekeeper.go)
Summary: A nil pointer dereference in rbacAuthorization (server/auth/gatekeeper.go) causes a panic and denial of service for SSO users whose claims match a namespace-level RBAC rule but not an SSO-namespace rule, when SSO_DELEGATE_RBAC_TO_NAMESPACE=true. Details: When getServiceAccountclaims, ssoNamespace...
GHSA-MH2Q-Q3FH-2475 vulnerabilities
Vulnerabilities for packages: skopeo-fips, cert-manager-openshift-routes, crossplane-provider-aws-lambda, crossplane-provider-aws-athena, rclone, crossplane-provider-azure-notificationhubs, crossplane-provider-aws-emr-fips, longhorn-manager, crossplane-provider-aws-appflow-fips, promxy-fips,...
CVE-2026-29181 vulnerabilities
Vulnerabilities for packages: skopeo-fips, cert-manager-openshift-routes, crossplane-provider-aws-lambda, crossplane-provider-aws-athena, rclone, crossplane-provider-azure-notificationhubs, crossplane-provider-aws-emr-fips, longhorn-manager, crossplane-provider-aws-appflow-fips, promxy-fips,...
GHSA-PJCQ-XVWQ-HHPJ vulnerabilities
Vulnerabilities for packages: rclone, k6, terraform, zot, minio, grafana, dex, spqr, cert-manager-csi-driver, rancher, openbao, external-secrets-operator, telegraf, cert-manager-cmctl, ratify, frp, opentofu, percona-server-mongodb-operator, seaweedfs, harbor, gitlab-runner, teleport, nuclei,...
CVE-2026-32952 vulnerabilities
Vulnerabilities for packages: rclone, k6, terraform, zot, minio, grafana, dex, spqr, cert-manager-csi-driver, rancher, openbao, external-secrets-operator, telegraf, cert-manager-cmctl, ratify, frp, opentofu, percona-server-mongodb-operator, seaweedfs, harbor, gitlab-runner, teleport, nuclei,...
CVE-2026-32952 vulnerabilities
Vulnerabilities for packages: nuclei, syncthing, cert-manager-csi-driver-fips, telegraf, cert-manager-openshift-routes, agentbeat, rclone, zitadel, beats, gitlab-runner, harbor, neuvector, grafana-fips, external-secrets-operator, cert-manager-csi-driver, percona-server-mongodb-operator,...
EUVD-2026-21856
Improper access control in Samsung DeX prior to SMR Apr-2026 Release 1 allows physical attackers to access hidden notification contents...