Lucene search
+L

496 matches found

0day.today
0day.today
added 2018/11/25 12:0 a.m.26 views

WordPress Pods 2.7.9 Database Disclosure Vulnerability

WordPress Pods plugin version 2.7.9 suffers from a database disclosure vulnerability. Exploit Title : WordPress Pods Plugins 2.7.9 Database Backup Arbitrary File Download Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Vendor Homepage : +...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2018/11/22 12:0 a.m.123 views

WordPress Pods 2.7.9 Database Disclosure

Exploit Title : WordPress Pods Plugins 2.7.9 Database Backup Arbitrary File Download Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 22/11/2018 Vendor Homepage : + wordpress.org/plugins/pods/ pods.io +...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2018/11/21 11:56 a.m.5 views

kubernetes: authentication/authorization bypass in the handling of non-101 responses

A privilege escalation vulnerability exists in OpenShift Container Platform which allows for compromise of pods running co-located on a compute node. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in...

9.8CVSS7.4AI score0.86978EPSS
Exploits10References6
RedHat Linux
RedHat Linux
added 2018/11/20 3:15 a.m.45 views

Critical: Red Hat Security Advisory: OpenShift Container Platform 3.10 security update

An update is now available for Red Hat OpenShift Container Platform 3.10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

9.8CVSS7.3AI score0.86978EPSS
Exploits10References4
RedHat Linux
RedHat Linux
added 2018/11/20 3:11 a.m.8 views

kubernetes: authentication/authorization bypass in the handling of non-101 responses

A privilege escalation vulnerability exists in OpenShift Container Platform which allows for compromise of pods running co-located on a compute node. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in...

9.8CVSS7.4AI score0.86978EPSS
Exploits10References6
RedHat Linux
RedHat Linux
added 2018/11/20 3:11 a.m.7 views

kubernetes: authentication/authorization bypass in the handling of non-101 responses

A privilege escalation vulnerability exists in OpenShift Container Platform which allows for compromise of pods running co-located on a compute node. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in...

9.8CVSS7.4AI score0.86978EPSS
Exploits10References6
RedHat Linux
RedHat Linux
added 2018/11/19 12:31 p.m.2 views

kubernetes: authentication/authorization bypass in the handling of non-101 responses

A privilege escalation vulnerability exists in OpenShift Container Platform which allows for compromise of pods running co-located on a compute node. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in...

9.8CVSS7.4AI score0.86978EPSS
Exploits10References6
Prion
Prion
added 2018/09/11 4:29 p.m.25 views

Cross site scripting

A cross site scripting flaw exists in the tetonic-console component of Openshift Container Platform 3.11. An attacker with the ability to create pods can use this flaw to perform actions on the K8s API as the victim...

3.5CVSS5.2AI score0.01077EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2018/09/11 4:29 p.m.28 views

CVE-2018-10937

A cross site scripting flaw exists in the tetonic-console component of Openshift Container Platform 3.11. An attacker with the ability to create pods can use this flaw to perform actions on the K8s API as the victim...

5.4CVSS6AI score0.01077EPSS
Exploits1References4
Fedora
Fedora
added 2018/07/03 2:12 p.m.23 views

[SECURITY] Fedora 27 Update: podman-0.6.4-1.gitd5beb2f.fc27

Manage Pods, Containers and Container Images libpod provides a library for applications looking to use the Container Pod concept popularized by Kubernetes...

8.8CVSS2.9AI score0.00878EPSS
Exploits0
CVE
CVE
added 2018/04/11 7:0 p.m.59 views

CVE-2017-7534

OpenShift Enterprise 3.x contains a stored cross-site scripting (XSS) vulnerability in the pod log viewer. The issue arises from inadequate sanitization of user input, specifically terminal escape characters, which can cause clickable links to be created when viewing pod logs. The vulnerability a...

5.4CVSS5.2AI score0.00555EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2016/06/08 5:59 p.m.4 views

CVE-2016-3738

Red Hat OpenShift Enterprise 3.2 does not properly restrict access to STI builds, which allows remote authenticated users to access the Docker socket and gain privileges via vectors related to build-pod...

8.8CVSS5.8AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2016/06/08 12:0 a.m.8 views

PT-2016-5669 · Red Hat · Red Hat Openshift Enterprise

Name of the Vulnerable Software and Affected Versions: Red Hat OpenShift Enterprise version 3.2 Description: The issue allows remote authenticated users to access network resources on restricted pods via an s2i build with a builder image that contains ONBUILD commands or does not contain a tar...

7.1CVSS7AI score0.01118EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2016/05/19 8:12 p.m.8 views

origin: pod update allows docker socket access via build-pod

A vulnerability was found in the STI build process in OpenShift Enterprise. Access to STI builds was not properly restricted, allowing an attacker to use STI builds to access the Docker socket and escalate their privileges...

8.8CVSS5.7AI score0.01941EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/05/19 8:12 p.m.7 views

3: s2i builds implicitly perform docker builds

A flaw was found in OpenShift Enterprise when multi-tenant SDN is enabled and a build is run within a namespace that would normally be isolated from pods in other namespaces. If an s2i build is run in such an environment the container being built can access network resources on pods that should n...

7.1CVSS5.7AI score0.01118EPSS
Exploits0References4
seebug.org
seebug.org
added 2015/11/20 12:0 a.m.27 views

Wordpress plugin Pods <= 2.4.3 XSS and CSRF vulnerabilities

No description provided by source...

7.1AI score
Exploits0
NVD
NVD
added 2015/08/24 2:59 p.m.23 views

CVE-2015-5222

Red Hat OpenShift Enterprise 3.0.0.0 does not properly check permissions, which allows remote authenticated users with build permissions to execute arbitrary shell commands with root permissions on arbitrary build pods via unspecified vectors...

8.5CVSS7.3AI score0.0269EPSS
Exploits0References1
Prion
Prion
added 2015/08/24 2:59 p.m.15 views

Design/Logic Flaw

Red Hat OpenShift Enterprise 3.0.0.0 does not properly check permissions, which allows remote authenticated users with build permissions to execute arbitrary shell commands with root permissions on arbitrary build pods via unspecified vectors...

8.5CVSS7.7AI score0.0269EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2015/08/24 12:0 a.m.8 views

PT-2015-6805 · Red Hat · Red Hat Openshift Enterprise

Name of the Vulnerable Software and Affected Versions: Red Hat OpenShift Enterprise version 3.0.0.0 Description: The issue allows remote authenticated users with build permissions to execute arbitrary shell commands with root permissions on arbitrary build pods. Recommendations: For Red Hat...

8.5CVSS6.9AI score0.0269EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2015/08/20 7:25 p.m.6 views

OpenShift3: Exec operations should be forbidden to privileged pods such as builder pods

An improper permission check issue was discovered in the server admission control component in OpenShift. A user with build permissions could use this flaw to execute arbitrary shell commands on a build pod with the privileges of the root user...

8.5CVSS6.1AI score0.0269EPSS
Exploits0References4
Rows per page
Query Builder