
28719 matches found

Snyk
added 2025/09/04 11:42 p.m. | 1 view

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the project details API endpoint. An attacker can access sensitive repository credentials by using API tokens with project-level or project get permissions,...

9.9 CVSS | 6.9 AI score | 0.04518 EPSS
Exploits: 1 | References: 2

Snyk
added 2025/09/04 11:42 p.m. | 2 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the project details API endpoint. An attacker can access sensitive repository credentials by using API tokens with project-level or project get permissions,...

9.9 CVSS | 6.9 AI score | 0.04518 EPSS
Exploits: 1 | References: 2

Snyk
added 2025/09/04 11:42 p.m. | 2 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the project details API endpoint. An attacker can access sensitive repository credentials by using API tokens with project-level or project get permissions,...

9.9 CVSS | 6.9 AI score | 0.04518 EPSS
Exploits: 1 | References: 2

Snyk
added 2025/09/04 11:42 p.m. | 1 view

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the project details API endpoint. An attacker can access sensitive repository credentials by using API tokens with project-level or project get permissions,...

9.9 CVSS | 6.9 AI score | 0.04518 EPSS
Exploits: 1 | References: 2

Snyk
added 2025/09/04 11:42 p.m. | 2 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the project details API endpoint. An attacker can access sensitive repository credentials by using API tokens with project-level or project get permissions,...

9.9 CVSS | 6.9 AI score | 0.04518 EPSS
Exploits: 1 | References: 2

Snyk
added 2025/09/04 11:42 p.m. | 3 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the project details API endpoint. An attacker can access sensitive repository credentials by using API tokens with project-level or project get permissions,...

9.9 CVSS | 6.9 AI score | 0.04518 EPSS
Exploits: 1 | References: 2

NVD
added 2025/09/04 11:15 p.m. | 8 views

CVE-2025-55190

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. In versions 2.13.0 through 2.13.8, 2.14.0 through 2.14.15, 3.0.0 through 3.0.12 and 3.1.0-rc1 through 3.1.1, API tokens with project-level permissions are able to retrieve sensitive repository credentials usernames, passwor...

9.9 CVSS | 0.04518 EPSS
Exploits: 1 | References: 2

Vulnrichment
added 2025/09/04 10:37 p.m. | 2 views

CVE-2025-55190 Argo CD: Project API Token Exposes Repository Credentials

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. In versions 2.13.0 through 2.13.8, 2.14.0 through 2.14.15, 3.0.0 through 3.0.12 and 3.1.0-rc1 through 3.1.1, API tokens with project-level permissions are able to retrieve sensitive repository credentials usernames, passwor...

9.9 CVSS | 5.9 AI score | 0.04518 EPSS
Exploits: 1 | References: 2

Cvelist
added 2025/09/04 10:37 p.m. | 11 views

CVE-2025-55190 Argo CD: Project API Token Exposes Repository Credentials

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. In versions 2.13.0 through 2.13.8, 2.14.0 through 2.14.15, 3.0.0 through 3.0.12 and 3.1.0-rc1 through 3.1.1, API tokens with project-level permissions are able to retrieve sensitive repository credentials usernames, passwor...

9.9 CVSS | 0.04518 EPSS
Exploits: 1 | References: 2

CVE
added 2025/09/04 10:37 p.m. | 494 views

CVE-2025-55190

Argo CD vulnerability CVE-2025-55190: In multiple releases of Argo CD, API tokens with project-level permissions can retrieve sensitive repository credentials via the project details API endpoint, even when tokens lack explicit access to secrets. The issue affects versions 2.13.0–2.13.8, 2.14.0–2...

9.9 CVSS | 6.2 AI score | 0.04518 EPSS
In wild | Exploits: 1 | References: 2 | Affected Software: 1

OSV
added 2025/09/04 10:37 p.m. | 3 views

CVE-2025-55190 Argo CD: Project API Token Exposes Repository Credentials

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. In versions 2.13.0 through 2.13.8, 2.14.0 through 2.14.15, 3.0.0 through 3.0.12 and 3.1.0-rc1 through 3.1.1, API tokens with project-level permissions are able to retrieve sensitive repository credentials usernames, passwor...

9.9 CVSS | 6.7 AI score | 0.04518 EPSS
Exploits: 1 | References: 4

OSV
added 2025/09/04 7:49 p.m. | 6 views

GHSA-786Q-9HCG-V9FF Argo CD's Project API Token Exposes Repository Credentials

Summary Argo CD API tokens with project-level permissions are able to retrieve sensitive repository credentials usernames, passwords through the project details API endpoint, even when the token only has standard application management permissions and no explicit access to secrets. Component:...

9.9 CVSS | 6.7 AI score | 0.04518 EPSS
Exploits: 1 | References: 4

OSV
added 2025/09/04 6:34 p.m. | 4 views

CLSA-2025-1757010850 squid: Fix of CVE-2025-54574

CVE-2025-54574: fix heap buffer overflow in URN parsing...

9.8 CVSS | 6 AI score | 0.23455 EPSS
Exploits: 1 | References: 1

Microsoft CVE
added 2025/09/04 10:11 a.m. | 8 views

PM / devfreq: Check governor before using governor->name

...

5.5 CVSS | 7 AI score | 0.00146 EPSS
Exploits: 0

Microsoft CVE
added 2025/09/04 4:42 a.m. | 3 views

Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets

...

7.5 CVSS | 8.4 AI score | 0.17673 EPSS
Exploits: 2

CNNVD
added 2025/09/04 12:00 a.m. | 4 views

Argo CD Information Disclosure Vulnerability

Argo CD is an Argo open source declarative GitOps continuous delivery tool for Kubernetes. An information disclosure vulnerability exists in Argo CD that stems from a project-level permission API token that can retrieve sensitive repository credentials. The following versions are affected: versio...

9.9 CVSS | 6.3 AI score | 0.04518 EPSS
Exploits: 1 | References: 2

Positive Technologies
added 2025/09/04 12:00 a.m. | 3 views

PT-2025-36094

Name of the Vulnerable Software and Affected Versions Argo CD versions 2.13.0 through 2.13.8 Argo CD versions 2.14.0 through 2.14.15 Argo CD versions 3.0.0 through 3.0.12 Argo CD version 3.1.0-rc1 through 3.1.1 Description Argo CD, a declarative GitOps continuous delivery tool for Kubernetes,...

9.9 CVSS | 7.5 AI score | 0.04518 EPSS
Exploits: 1 | References: 387

Tenable Nessus
added 2025/09/04 12:00 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2020-10814

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow vulnerability in Code::Blocks 17.12 allows an attacker to execute arbitrary code via a crafted project file. CVE-2020-10814 Note that Nessus...

5.5 CVSS | 6.6 AI score | 0.01989 EPSS
Exploits: 1 | References: 2

Microsoft CVE
added 2025/09/03 9:31 p.m. | 5 views

GNOME gvdb gvdb-builder.c gvdb_table_write_contents_async use after free

...

8.8 CVSS | 7 AI score | 0.00753 EPSS
Exploits: 0

Positive Technologies
added 2025/09/03 12:00 a.m. | 2 views

PT-2025-35711

Name of the Vulnerable Software and Affected Versions: Envoy versions prior to 1.32.10 Envoy versions 1.33.0 through 1.33.6 Envoy versions 1.34.0 through 1.34.4 Envoy versions 1.35.0 Description: Envoy is an open source L7 proxy and communication bus designed for large modern service oriented...

8.8 CVSS | 6.3 AI score | 0.0031 EPSS
Exploits: 1 | References: 12