Lucene search
+L

496 matches found

CNVD
CNVD
added 2021/09/17 12:0 a.m.28 views

kubernetes input validation error vulnerability

Kubernetes is an open source Docker container cluster management system from the American Linux Foundation. The system provides resource scheduling, deployment operations, service discovery, and scale-up and scale-down for containerized applications. kubernetes has a security vulnerability that c...

8.8CVSS1AI score0.06873EPSS
Exploits1References1
Veracode
Veracode
added 2021/08/13 6:3 p.m.27 views

Privilege Escalation

openshift is vulnerable to privilege escalation. The vulnerability exists due to incorrectly included additional certificates which allows pods to safely connect to trusted in-cluster services that present certificates signed by the trusted Service CA...

4.6CVSS3.6AI score0.00284EPSS
Exploits1References3Affected Software1
Fedora
Fedora
added 2021/08/11 1:7 a.m.42 views

[SECURITY] Fedora 33 Update: podman-3.2.3-2.fc33

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

6.5CVSS7.8AI score0.06975EPSS
Exploits1
WPVulnDB
WPVulnDB
added 2021/08/06 12:0 a.m.13 views

Pods < 2.7.29 - Multiple Authenticated Stored Cross-Site Scripting (XSS)

The plugin is vulnerable to an Authenticated Stored Cross-Site Scripting XSS security vulnerability in multiple parameters. PoC 1. Go to /wp-admin/admin.php?page=pods 2. Edit one of the pods 3. Choose "Labels" menu 4. In "Label", "Singular Label", "Add New", or "All" input field, you can inject...

1.9AI score
Exploits0Affected Software1
wpexploit
wpexploit
added 2021/08/06 12:0 a.m.580 views

Pods < 2.7.29 - Multiple Authenticated Stored Cross-Site Scripting (XSS)

The plugin is vulnerable to an Authenticated Stored Cross-Site Scripting XSS security vulnerability in multiple parameters. 1. Go to /wp-admin/admin.php?page=pods 2. Edit one of the pods 3. Choose "Labels" menu 4. In "Label", "Singular Label", "Add New", or "All" input field, you can inject an XS...

0.5AI score
Exploits0
NVD
NVD
added 2021/07/30 8:15 p.m.35 views

CVE-2021-3636

It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included additional certificates. The Service CA is automatically mounted into all pods, allowing them to safely connect to trusted in-cluster services that present certificate...

4.6CVSS0.00284EPSS
Exploits1References1
Prion
Prion
added 2021/07/30 8:15 p.m.20 views

Code injection

It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included additional certificates. The Service CA is automatically mounted into all pods, allowing them to safely connect to trusted in-cluster services that present certificate...

4.1CVSS6.5AI score0.00284EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2021/06/21 8:15 p.m.8 views

CVE-2021-24339

The Pods – Custom Content Types and Fields WordPress plugin before 2.7.27 was vulnerable to an Authenticated Stored Cross-Site Scripting XSS security vulnerability within the 'Menu Label' field parameter...

5.4CVSS5.6AI score0.0076EPSS
Exploits1References2
OSV
OSV
added 2021/06/21 8:15 p.m.8 views

CVE-2021-24338

The Pods – Custom Content Types and Fields WordPress plugin before 2.7.27 was vulnerable to an Authenticated Stored Cross-Site Scripting XSS security vulnerability within the 'Singular Label' field parameter...

5.4CVSS5.6AI score0.00792EPSS
Exploits1References2
Prion
Prion
added 2021/06/21 8:15 p.m.14 views

Cross site scripting

The Pods – Custom Content Types and Fields WordPress plugin before 2.7.27 was vulnerable to an Authenticated Stored Cross-Site Scripting XSS security vulnerability within the 'Singular Label' field parameter...

3.5CVSS5.3AI score0.00792EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2021/06/21 8:15 p.m.18 views

Cross site scripting

The Pods – Custom Content Types and Fields WordPress plugin before 2.7.27 was vulnerable to an Authenticated Stored Cross-Site Scripting XSS security vulnerability within the 'Menu Label' field parameter...

3.5CVSS5.3AI score0.0076EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/06/21 7:18 p.m.29 views

CVE-2021-24339 Pods < 2.7.27 - Authenticated Stored Cross-Site Scripting (XSS)

The Pods – Custom Content Types and Fields WordPress plugin before 2.7.27 was vulnerable to an Authenticated Stored Cross-Site Scripting XSS security vulnerability within the 'Menu Label' field parameter...

5.5AI score0.0076EPSS
Exploits1References2
CVE
CVE
added 2021/06/21 7:18 p.m.66 views

CVE-2021-24339

CVE-2021-24339 Identified in the Pods – Custom Content Types and Fields WordPress plugin prior to 2.7.27. The vulnerability is an Authenticated Stored Cross-Site Scripting (XSS) in the Menu Label field parameter. Impact and exploitability details in the provided references align to an XSS risk th...

5.4CVSS5.3AI score0.0076EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2021/06/21 7:18 p.m.70 views

CVE-2021-24338

The Pods – Custom Content Types and Fields WordPress plugin is affected: versions before 2.7.27 have an Authenticated Stored Cross-Site Scripting (XSS) vulnerability in the Singular Label field parameter caused by insufficient input validation. This is an authenticated vulnerability (requires use...

5.4CVSS5.3AI score0.00792EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2021/06/21 12:0 a.m.5 views

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress Pods WordPress Plugin versions prior to 2.7.27, which stems...

5.4CVSS5.5AI score0.0076EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/06/21 12:0 a.m.5 views

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports personal blog sites on servers running PHP and MySQL. A cross-site scripting vulnerability exists in WordPress Pods WordPress Plugin versions prior to 2.7.27, whi...

5.4CVSS5.5AI score0.00792EPSS
Exploits1References2
The Hacker News
The Hacker News
added 2021/06/09 10:43 a.m.109 views

Crypto-Mining Attacks Targeting Kubernetes Clusters via Kubeflow Instances

Cybersecurity researchers on Tuesday disclosed a new large-scale campaign targeting Kubeflow deployments to run malicious cryptocurrency mining containers. The campaign involved deploying TensorFlow pods on Kubernetes clusters, with the pods running legitimate TensorFlow images from the official...

0.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2021/06/02 12:0 a.m.5 views

PT-2021-9718 · Red Hat · Openshift Container Platform

Name of the Vulnerable Software and Affected Versions: OpenShift Container Platform affected versions not specified Description: A flaw in the Restricted Security Context Constraints SCC allows pods to craft custom network packets, enabling an attacker to cause a denial of service attack on a...

6.5CVSS6.1AI score0.0093EPSS
Exploits0References3
Rapid7 Blog
Rapid7 Blog
added 2021/05/06 7:29 p.m.215 views

MDR Vendor Must-Haves, Part 9: Assigned Analyst Pods and Security Program Advisors

This blog post is part of an ongoing series about evaluating Managed Detection and Response MDR providers. For more insights, check out our guide, “10 Things Your MDR Service Must Do.” Every organization is unique, with different goals, missions, security maturities, staffing models, technologies...

7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2021/05/03 10:36 p.m.176 views

Kubernetes Security Is Not Container Security

Container-specific security I recently had an interesting discussion with Gianluca Brindisi from Spotify about the differences between Kubernetes security and container security. Typically, the discussion about container security focuses on general questions that aren’t focused on a specific...

7.2AI score
Exploits0
Rows per page
Query Builder