CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

NVD•added 2026/05/28 7:16 p.m.•12 views

CVE-2026-42999

An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone RBAC policy enforcer in enforcecall unconditionally merges the raw JSON request body into the policy enforcement dictionary via policydict.updatejsoninput.copy, overwriting trusted target data that was previously set from...

8.8CVSS0.00041EPSS

Exploits1References2

Positive Technologies•added 2026/05/28 12:0 a.m.•6 views

PT-2026-44464

An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone RBAC policy enforcer in enforce call unconditionally merges the raw JSON request body into the policy enforcement dictionary via policy dict.updatejson input.copy, overwriting trusted target data that was previously set fro...

6CVSS6AI score0.00041EPSS

Exploits1References3

Cvelist•added 2026/05/28 12:0 a.m.•24 views

CVE-2026-42999

6CVSS0.00041EPSS

Exploits1References2

ATTACKERKB•added 2026/05/28 12:0 a.m.•4 views

CVE-2026-42999

6CVSS6AI score0.00041EPSS

Exploits1References3Affected Software1

GithubExploit•added 2026/04/06 5:33 p.m.•157 views

Exploit for CVE-2026-33186

CVE-2026-33186 gRPC-Go RBAC Authorization Policy Bypass via M...

9.1CVSS6AI score0.0002EPSS

Exploits1

NVD•added 2026/03/20 11:16 p.m.•2 views

CVE-2026-33186

gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 :path pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the :path omitted the mandatory...

9.1CVSS0.0002EPSS

Exploits1References1

Virtuozzo•added 2025/04/28 12:0 a.m.•15 views

Virtuozzo Hybrid Infrastructure 6.3 Update 1 Hotfix 2 (6.3.1-121)

This update provides stability fixes. Vulnerability id: VSTOR-88806 Live migration failed for VMs with both vstorage and iSCSI volumes. Vulnerability id: VSTOR-89155 Fixed the false-positive alerts "Virtual machine state mismatch" and "Volume attachment details mismatch." Vulnerability id:...

6.9AI score

Exploits0

Virtuozzo•added 2023/11/27 12:0 a.m.•21 views

Virtuozzo Hybrid Infrastructure 6.0 (6.0.0-243)

In this release, Virtuozzo Hybrid Infrastructure provides an upgrade of the Linux distribution, kernel, and toolset packages. This release also contains a range of new features that cover storage performance, object storage, as well as monitoring and alerts. Additionally, this release delivers...

7.3AI score

Exploits0

OSV•added 2021/05/18 3:38 p.m.•18 views

GHSA-PMQP-H87C-MR78 XML Entity Expansion and Improper Input Validation in Kubernetes API server

Improper input validation in the Kubernetes API server in versions v1.0-1.12 and versions prior to v1.13.12, v1.14.8, v1.15.5, and v1.16.2 allows authorized users to send malicious YAML or JSON payloads, causing the API server to consume excessive CPU or memory, potentially crashing and becoming...

7.5CVSS7.5AI score0.84511EPSS

Exploits2References10

GitLab Advisory Database•added 2021/05/18 12:0 a.m.•39 views

Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

7.5CVSS3AI score0.84511EPSS

Exploits2References5Affected Software1

IBM Security Bulletins•added 2020/01/02 5:44 p.m.•37 views

Security Bulletin: IBM API Connect is impacted by a vulnerability in Kubernetes(CVE-2019-11253)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-11253 DESCRIPTION: Improper input validation in the Kubernetes API server in versions v1.0-1.12 and versions prior to v1.13.12, v1.14.8, v1.15.5, and v1.16.2 allows authorized users to send...

7.5CVSS1.3AI score0.84511EPSS

Exploits2Affected Software1

OSV•added 2019/10/17 4:15 p.m.•23 views

CVE-2019-11253

7.5CVSS7AI score

Exploits0References6

Prion•added 2019/10/17 4:15 p.m.•28 views

Input validation

5CVSS7.3AI score0.84511EPSS

Exploits2References6Affected Software2

UbuntuCve•added 2019/10/17 4:15 p.m.•21 views

CVE-2019-11253

7.5CVSS6.8AI score0.84511EPSS

Exploits2References2

Debian CVE•added 2019/10/17 3:40 p.m.•24 views

CVE-2019-11253

7.5CVSS5.8AI score0.84511EPSS

Exploits2

Cvelist•added 2019/10/17 3:40 p.m.•24 views

CVE-2019-11253 Kubernetes API Server JSON/YAML parsing vulnerable to resource exhaustion attack

7.5CVSS7.4AI score0.84511EPSS

Exploits2References6

AlpineLinux•added 2019/10/17 3:40 p.m.•49 views

CVE-2019-11253

7.5CVSS7.6AI score0.84511EPSS

Exploits2

Positive Technologies•added 2019/01/18 12:0 a.m.•2 views

PT-2019-4310 · Kubernetes +1 · Kubernetes Api Server +1

Name of the Vulnerable Software and Affected Versions: Kubernetes API server versions v1.0 through v1.12 Kubernetes API server versions prior to v1.13.12 Kubernetes API server versions prior to v1.14.8 Kubernetes API server versions prior to v1.15.5 Kubernetes API server versions prior to v1.16.2...

8.1CVSS6AI score0.84511EPSS

Exploits2References40

Tenable Nessus•added 2014/07/14 12:0 a.m.•22 views

Fedora 20 : openstack-nova-2013.2.3-2.fc20 (2014-7954)

Add RBAC policy for ec2 API security groups calls - CVE-2014-0167 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

6CVSS5.3AI score0.00383EPSS

Exploits1References3

securityvulns•added 2014/06/19 12:0 a.m.•91 views

[USN-2247-1] OpenStack Nova vulnerabilities

========================================================================== Ubuntu Security Notice USN-2247-1 June 17, 2014 nova vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...

7.1CVSS1AI score0.03132EPSS

Exploits2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by