613 matches found
aks-poc-setup
AKS Production-Grade POC Setup A comprehensive, production-re...
CLEANSTART-2026-PT56560 Security fixes for CVE-2026-1229, CVE-2026-32952, CVE-2026-33186, CVE-2026-39882, CVE-2026-39883, ghsa-w8rr-5gcm-pp58, ghsa-xmrv-pmrh-hhx2 applied in versions: 1.14.8-r0, 1.14.8-r1, 1.15.1-r0
Multiple security vulnerabilities affect the terraform package. These issues are resolved in later releases. See references for individual vulnerability details...
EUVD-2026-29438
Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...
CVE-2026-7428
Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...
CVE-2026-7428
CVE-2026-7428 affects Google Cloud AlloyDB for PostgreSQL. The vulnerability stems from insecure default administrative credentials that could be created by well-intended Terraform or REST API users before 2025-11-03, enabling a remote attacker to gain full administrative access to the database. ...
CVE-2026-7428 Insecure default administrative credentials in AlloyDB for PostgreSQL
Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...
CVE-2026-7428 Insecure default administrative credentials in AlloyDB for PostgreSQL
Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...
CVE-2026-7428
Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...
PT-2026-39995
Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...
SUSE SLES15 Security Update : terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provider-local, terraform-provider-random, terraform-provider-tls (SUSE-SU-2026:1763-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1763-1 advisory. - CVE-2025-22869: golang.org/x/crypto/ssh: denial of service when clients do not complete the key exchange in SSH servers which implement fi...
Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise
A previously undocumented Linux implant codenamed Quasar Linux RAT QLNX is targeting developers' systems to establish a silent foothold as well as facilitate a broad range of post-compromise functionality, such as credential harvesting, keylogging, file manipulation, clipboard monitoring, and...
Security update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provid
This update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issues: CVE-2025-2286...
SUSE-SU-2026:1763-1 Security update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provider-local, terraform-provider-random, terraform-provider-tls
This update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issues: -...
PT-2026-35172
3/4 Nation-states already weaponizing it: • Chinese APT29 Cozy Bear chaining poisoned Terraform for gov/defense persistence • Russian GRU targeting CNAPP layers in EU energy/finance 🚨 Terraform Enterprise RCE zero-day CVE-2026-81234 actively exploited & just added to CISA KEV today!...
CVE-2026-32952 vulnerabilities
Vulnerabilities for packages: seaweedfs, rclone, cloudbeat-fips, spqr, yunikorn-k8shim, openbao, ldap2pg, harbor, rancher-agent, harbor-fips, flux-source-controller-fips, opentofu-fips, grafana-fips, gitlab-runner, versitygw, beats-fips, external-secrets-operator, seaweedfs-fips,...
AZL-9179 CVE-2018-9057 for package terraform is not applicable
This CVE either no longer is or was never applicable...
SUSE SLES15 / openSUSE 15 Security Update : terraform-provider-local, terraform-provider-random, terraform-provider-tls (SUSE-SU-2026:1411-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1411-1 advisory. This update for terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issue...
Security update for terraform-provider-local, terraform-provider-random, terraform-provider-tls
This update for terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issue: CVE-2026-25934: github.com/go-git/go-git/v5: improper verification of data integrity values for .pack and .idx files can lead to the consumption of corrupted files bsc1258097...
SUSE-SU-2026:1411-1 Security update for terraform-provider-local, terraform-provider-random, terraform-provider-tls
This update for terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issue: - CVE-2026-25934: github.com/go-git/go-git/v5: improper verification of data integrity values for .pack and .idx files that can lead to the consumption of corrupted files...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: flannel, slsa-verifier, vexctl, vault-benchmark, docker-machine-driver-harvester, xeol, argo-rollouts, cue, kubescape-operator, aws-node-termination-handler, crossplane-provider-azure-authorization, ingress-nginx-controller, cluster-api-provider-vsphere,...