CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

209 matches found

OSV•added 2025/10/30 10:15 a.m.•1 views

CVE-2025-54470

This vulnerability affects NeuVector deployments only when the Report anonymous cluster data option is enabled. When this option is enabled, NeuVector sends anonymous telemetry data to the telemetry server. In affected versions, NeuVector does not enforce TLS certificate verification when...

8.6CVSS5.8AI score0.00072EPSS

Exploits0References2

OSV•added 2025/10/30 10:15 a.m.•1 views

CVE-2025-54471

NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data...

6.5CVSS5.8AI score0.00044EPSS

Exploits0References2

NVD•added 2025/10/30 10:15 a.m.•4 views

CVE-2025-54471

6.5CVSS0.00044EPSS

Exploits0References2

NVD•added 2025/10/30 10:15 a.m.•3 views

CVE-2025-54469

A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTERRPCPORT and CLUSTERLANPORT to generate a command to be executed via popen, without first sanitising their values. The entry process of the enforcer container is the monitor process. When the enforcer...

9.9CVSS0.00059EPSS

Exploits0References2

OSV•added 2025/10/30 10:15 a.m.•0 views

CVE-2025-54469

9.9CVSS6AI score0.00059EPSS

Exploits0References2

CVE•added 2025/10/30 9:41 a.m.•26 views

CVE-2025-54469

NeuVector Enforcer is vulnerable to command injection due to unsanitized use of environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT to compose shell commands via popen. Connected sources (GO-2025-4042, NVD/OSV entries) confirm the issue and potential impact (command injection; buffer over...

9.9CVSS6.8AI score0.00059EPSS

Exploits0References2

Vulnrichment•added 2025/10/30 9:41 a.m.•2 views

CVE-2025-54469 NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow

9.9CVSS7.1AI score0.00059EPSS

Exploits0References2

EUVD•added 2025/10/30 9:41 a.m.•2 views

EUVD-2025-35221

9.9CVSS6.7AI score0.00059EPSS

Exploits0References4

Vulnrichment•added 2025/10/30 9:38 a.m.•3 views

CVE-2025-54470 NeuVector telemetry sender is vulnerable to MITM and DoS

8.6CVSS6.2AI score0.00072EPSS

Exploits0References2

Cvelist•added 2025/10/30 9:38 a.m.•5 views

CVE-2025-54470 NeuVector telemetry sender is vulnerable to MITM and DoS

8.6CVSS0.00072EPSS

Exploits0References2

EUVD•added 2025/10/30 9:38 a.m.•1 views

EUVD-2025-35220

8.6CVSS6AI score0.00072EPSS

Exploits0References6

CNNVD•added 2025/10/30 12:0 a.m.•2 views

NeuVector 安全漏洞

NeuVector is an end-to-end container security platform from US-based NeuVector. The platform includes features such as image vulnerability management, access control and container process/filesystem protection. NeuVector suffers from a security vulnerability that stems from the use of hard-coded...

6.5CVSS6.1AI score0.00044EPSS

Exploits0References2

CNNVD•added 2025/10/30 12:0 a.m.•4 views

NeuVector 操作系统命令注入漏洞

NeuVector is an end-to-end container security platform from US-based NeuVector. The platform includes features such as image vulnerability management, access control, and container process/filesystem protection. NeuVector suffers from an operating system command injection vulnerability that stems...

9.9CVSS7.2AI score0.00059EPSS

Exploits0References2

CNNVD•added 2025/10/30 12:0 a.m.•2 views

NeuVector 信任管理问题漏洞

NeuVector is an end-to-end container security platform from US-based NeuVector. The platform includes features such as image vulnerability management, access control and container process/filesystem protection. A trust management issue vulnerability exists in NeuVector that stems from not enforci...

8.6CVSS6.3AI score0.00072EPSS

Exploits0References2