406 matches found
CVE-2026-44903 vulnerabilities
Vulnerabilities for packages: fluent-bit-plugin-loki, opentelemetry-collector, node-problem-detector, opentelemetry-operator, certificate-transparency, opentelemetry-collector-contrib, jaeger, tempo, istio, minio, mcp-grafana, prometheus-pushgateway, splunk-otel-collector, cloud-sql-proxy, keda,...
GHSA-VFFH-X6R8-XX99 vulnerabilities
Vulnerabilities for packages: node-problem-detector, certificate-transparency, jaeger, tempo, istio, minio-operator, minio, mcp-grafana, prometheus-pushgateway, splunk-otel-collector, cloud-sql-proxy, keda, karma, telegraf, datadog-agent, trillian, mc, prometheus, grafana-pyroscope,...
CVE-2026-40179 vulnerabilities
Vulnerabilities for packages: node-problem-detector, certificate-transparency, jaeger, tempo, istio, minio-operator, minio, mcp-grafana, prometheus-pushgateway, splunk-otel-collector, cloud-sql-proxy, keda, karma, telegraf, datadog-agent, trillian, mc, prometheus, grafana-pyroscope,...
CVE-2026-33810 vulnerabilities
Vulnerabilities for packages: nova-fips, external-secrets-operator-fips, oras, nfs-subdir-external-provisioner, pluto-fips, local-path-provisioner-fips, flux-image-automation-controller, flux-source-controller-fips, flux-source-watcher-fips, commercial-chainloop-cli, local-path-provisioner,...
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: nova-fips, external-secrets-operator-fips, oras, nfs-subdir-external-provisioner, pluto-fips, local-path-provisioner-fips, flux-image-automation-controller, flux-source-controller-fips, flux-source-watcher-fips, commercial-chainloop-cli, local-path-provisioner,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: knative-kafka-broker, terraform-provider-aws-fips, chartmuseum-fips, nri-consul, external-secrets-operator-fips, hugo-fips, kubectx, task, crossplane-provider-aws-kms-fips, eks-node-monitoring-agent-fips, quic-go, external-dns-fips, crossplane-provider-aws-wafv2-fips...
CLEANSTART-2026-OH74241 Security fixes for GHSA-MQQF-5WVP-8FH8 applied in versions: 0.122-r0
Security vulnerability affects the karma-fips package. This issue is resolved in later releases. See references for vulnerability details...
CVE-2026-25236
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN ... list. This issue has been patched in version 1.33.0...
CVE-2026-25236
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN ... list. This issue has been patched in version 1.33.0...
CVE-2026-25236
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN ... list. This issue has been patched in version 1.33.0...
UBUNTU-CVE-2026-25236
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN ... list. This issue has been patched in version 1.33.0...
CVE-2026-25236 PEAR is Vulnerable to SQL Injection in Damblan_Karma IN() Query via Literal Substitution
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN ... list. This issue has been patched in version 1.33.0...
CVE-2026-25236
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN ... list. This issue has been patched in version 1.33.0...
CVE-2026-25236
CVE-2026-25236 affects the PEAR PHP framework. The vulnerability is a SQL injection risk in karma queries caused by unsafe literal substitution for an IN (...) list. Root cause: unsafe literal handling in Karma DAMBLAN-related queries prior to version 1.33.0. Impact: potential SQL injection. Miti...
CVE-2026-25236 PEAR is Vulnerable to SQL Injection in Damblan_Karma IN() Query via Literal Substitution
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN ... list. This issue has been patched in version 1.33.0...
CVE-2026-25236 PEAR is Vulnerable to SQL Injection in Damblan_Karma IN() Query via Literal Substitution
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN ... list. This issue has been patched in version 1.33.0...
EUVD-2026-5199
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN ... list. This issue has been patched in version 1.33.0...
PT-2026-6285
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN ... list. This issue has been patched in version 1.33.0...
CVE-2020-7626
karma-mojo through 1.0.1 is vulnerable to Command Injection. It allows execution of arbitrary commands via the config argument...
CVE-2022-0437
Cross-site Scripting XSS - DOM in NPM karma prior to 6.3.14...