Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2026/06/24 8:38 p.m.7 views

CVE-2026-13201

A flaw was found in KubeVirt's safepath package used by virt-handler. The OpenAtNoFollow function uses OPATH|ONOFOLLOW to obtain a file descriptor to a path leaf, but downstream operations resolve the path via /proc/self/fd/N using link-following syscalls. When the leaf is a symlink, the kernel...

7.3CVSS6AI score0.00122EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/24 11:42 a.m.6 views

CVE-2026-33211

A flaw was found in Tekton Pipelines, specifically in the Tekton Pipelines git resolver. A tenant with permissions to create ResolutionRequests can exploit a path traversal vulnerability via the pathInRepo parameter. This allows the tenant to read arbitrary files from the resolver pod's filesyste...

9.6CVSS5.9AI score0.00573EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2014-0167

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nova EC2 API security group implementation in OpenStack Compute Nova 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 does not enforce RBAC policies...

6CVSS6AI score0.01647EPSS
Exploits1References2
OSV
OSV
added 2023/06/06 2:0 a.m.25 views

GHSA-P976-H52C-26P6 Rancher vulnerable to Privilege Escalation via manipulation of Secrets

Impact A vulnerability has been identified which enables Standard users or above to elevate their permissions to Administrator in the local cluster. The local cluster means the cluster where Rancher is installed. It is named local inside the list of clusters in the Rancher UI. Standard users coul...

9.9CVSS8.7AI score0.00715EPSS
Exploits0References6
F5 Networks
F5 Networks
added 2023/02/21 6:47 p.m.45 views

K94093538: NGINX Service Mesh control plane vulnerability CVE-2022-27495

Security Advisory Description NGINX Service Mesh control plane endpoints are exposed to the cluster overlay network. CVE-2022-27495 Impact An attacker may affect traffic policies, security policies, and other reverse proxy capabilities of NGINX Service Mesh if they've gained access to a Kubernete...

6.5CVSS6.5AI score0.00326EPSS
Exploits0Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/17 4:41 a.m.31 views

OpenStack Compute (Nova) allows remote authenticated users to gain privileges via API requests

The Nova EC2 API security group implementation in OpenStack Compute Nova 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 does not enforce RBAC policies for 1 addrules, 2 removerules, 3 destroy, and other unspecified methods in compute/api.py when using non-default policies, which allows...

6CVSS6.5AI score0.01647EPSS
Exploits1References8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/25 4:46 p.m.37 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes API server security vulnerability (CVE-2019-11253)

Summary IBM Cloud Kubernetes Service is affected by a security vulnerability in the Kubernetes API server that exposes it to a denial of service attack via malicious YAML or JSON payloads CVE-2019-11253 Vulnerability Details CVE-ID: CVE-2019-11253 Description: The Kubernetes API server is...

7.5CVSS0.25939EPSS
Exploits2Affected Software1
Veracode
Veracode
added 2019/01/15 8:59 a.m.24 views

Privilege Escalation

openstack-nova is vulnerable to privilege escalation. The RBAC policies were not enforced for addrules, removerules, destroy and other unspecified methods in compute/api.py when using non-default policies. A remote attacker is able to escalate privileges beyond the user group they belong to via t...

6CVSS6.5AI score0.01647EPSS
Exploits1References17Affected Software1
RedHat Linux
RedHat Linux
added 2014/08/21 12:34 a.m.39 views

Moderate: Red Hat Security Advisory: openstack-nova security, bug fix, and enhancement update

Updated openstack-nova packages that fix two security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS ba...

6CVSS5.8AI score0.01938EPSS
Exploits1References12
NVD
NVD
added 2014/04/15 2:55 p.m.27 views

CVE-2014-0167

The Nova EC2 API security group implementation in OpenStack Compute Nova 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 does not enforce RBAC policies for 1 addrules, 2 removerules, 3 destroy, and other unspecified methods in compute/api.py when using non-default policies, which allows...

6CVSS6.5AI score0.01647EPSS
Exploits1References3
Prion
Prion
added 2014/04/15 2:55 p.m.27 views

Design/Logic Flaw

The Nova EC2 API security group implementation in OpenStack Compute Nova 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 does not enforce RBAC policies for 1 addrules, 2 removerules, 3 destroy, and other unspecified methods in compute/api.py when using non-default policies, which allows...

6CVSS7AI score0.01647EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2014/04/15 2:0 p.m.49 views

CVE-2014-0167

The Nova EC2 API security group implementation in OpenStack Compute Nova 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 does not enforce RBAC policies for 1 addrules, 2 removerules, 3 destroy, and other unspecified methods in compute/api.py when using non-default policies, which allows...

6CVSS6.5AI score0.01647EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2014/04/15 12:0 a.m.29 views

CVE-2014-0167

The Nova EC2 API security group implementation in OpenStack Compute Nova 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 does not enforce RBAC policies for 1 addrules, 2 removerules, 3 destroy, and other unspecified methods in compute/api.py when using non-default policies, which allows...

6CVSS6AI score0.01647EPSS
Exploits1References2
Rows per page
Query Builder