CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

88 matches found

OSV•added 2022/02/08 9:50 p.m.•28 views

GHSA-J9WF-VVM6-4R9W Unverified Ownership in Kubernetes

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status which is considered a privileged operation and should not...

5CVSS5.6AI score0.25265EPSS

Exploits3References12

GitLab Advisory Database•added 2022/02/08 12:0 a.m.•39 views

Incorrect Authorization

6.3CVSS4.9AI score0.25265EPSS

Exploits3References11Affected Software1

Hacker One•added 2021/11/03 7:40 p.m.•25 views

Rocket.Chat: Possible Domain Takeover on AWS Instance.

The vulnerable domain possibly available for takeover is: traefik-livedemo.rocket.chat CNAME: a0e7eaaaa82f611e9b1cc0e9ccd15f3e-557536140.us-west-2.elb.amazonaws.com. This domain, contains a record pointing to these an WS instance. When querying for any IP under the instance, I got returned an...

1.9AI score

Exploits0

IBM Security Bulletins•added 2021/09/02 9:13 p.m.•32 views

Security Bulletin: IBM Cloud Private is vulnerable to Kubernetes vulnerabilities (CVE-2020-8554)

Summary IBM Cloud Private is vulnerable to Kubernetes vulnerabilities Vulnerability Details CVEID: CVE-2020-8554 DESCRIPTION: Kubernetes could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw when using LoadBalancer or ExternalIPs. By using man-in-the-middle...

6.3CVSS0.8AI score0.25265EPSS

Exploits3Affected Software1

RedHat Linux•added 2021/08/03 8:28 p.m.•275 views

Moderate: Red Hat Security Advisory: Red Hat OpenShift Container Platform for Windows Containers 3.0.0 security and bug fix update

The components for Red Hat OpenShift Container Platform for Windows Containers 3.0.0 are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

7.2CVSS6.5AI score0.00121EPSS

Exploits0References11

RedHat Linux•added 2021/06/23 5:37 a.m.•196 views

Moderate: Red Hat Security Advisory: Windows Container Support for Red Hat OpenShift 2.0.1 security and bug fix update

The components for Windows Container Support for Red Hat OpenShift 2.0.1 are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

6.3CVSS6.9AI score0.00091EPSS

Exploits0References8

RedhatCVE•added 2021/05/11 8:55 p.m.•24 views

CVE-2021-25736

A flaw was found in the Windows kube-proxy component. In a cloud environment that does not set the “.status.loadBalancer.ingress.ip” field in the LoadBalancer service status configuration for example in AWS the packets can be misrouted and reach an unintended destination...

6.3CVSS3.1AI score0.00091EPSS

Exploits0References4

IBM Security Bulletins•added 2021/03/11 10:40 a.m.•39 views

Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a Kubernetes security vulnerability (CVE-2020-8554)

Summary Red Hat OpenShift on IBM Cloud is affected by a Kubernetes security vulnerability that could allow a malicious user to intercept traffic from other pods or nodes in the cluster CVE-2020-8554 Vulnerability Details CVEID: CVE-2020-8554 Description: Kubernetes could allow a remote...

6.3CVSS0.2AI score0.25265EPSS

Exploits3Affected Software1

OSV•added 2021/01/21 5:15 p.m.•3 views

AZL-35135 CVE-2020-8554 affecting package python-kubernetes for versions less than 21.7.0-1

5CVSS6.7AI score0.25265EPSS

Exploits3References1

OSV•added 2021/01/21 5:15 p.m.•0 views

AZL-34893 CVE-2020-8554 affecting package kubernetes for versions less than 1.28.3-2

5CVSS6.7AI score0.25265EPSS

Exploits3References1

OSV•added 2021/01/21 5:15 p.m.•1 views

DEBIAN-CVE-2020-8554