45 matches found

Cvelist
added 2026/04/24 10:54 a.m., 24 views

CVE-2025-62233 Apache DolphinScheduler: Deserialization of untrusted data in RPC

Deserialization of Untrusted Data vulnerability in Apache DolphinScheduler RPC module. This issue affects Apache DolphinScheduler: Version = 3.2.0 and 3.3.1. Attackers who can access the Master or Worker nodes can compromise the system by creating a StandardRpcRequest, injecting a malicious class...

0.00059 EPSS
Exploits 0, References 1

EUVD
added 2026/04/24 10:54 a.m., 1 view

EUVD-2025-209572

Deserialization of Untrusted Data vulnerability in Apache DolphinScheduler RPC module. This issue affects Apache DolphinScheduler: Version = 3.2.0 and 3.3.1. Attackers who can access the Master or Worker nodes can compromise the system by creating a StandardRpcRequest, injecting a malicious class...

6.3 CVSS, 5.3 AI score, 0.00059 EPSS
Exploits 0, References 1

CVE
added 2026/04/24 10:54 a.m., 11 views

CVE-2025-62233

CVE-2025-62233 concerns Apache DolphinScheduler’s RPC module. A deserialization of untrusted data vulnerability affects versions >= 3.2.0 and

6.3 CVSS, 5.3 AI score, 0.00059 EPSS
Exploits 0, References 2, Affected Software 1

Vulnrichment
added 2026/04/24 10:54 a.m., 1 view

CVE-2025-62233 Apache DolphinScheduler: Deserialization of untrusted data in RPC

Deserialization of Untrusted Data vulnerability in Apache DolphinScheduler RPC module. This issue affects Apache DolphinScheduler: Version = 3.2.0 and 3.3.1. Attackers who can access the Master or Worker nodes can compromise the system by creating a StandardRpcRequest, injecting a malicious class...

5.2 AI score, 0.00059 EPSS
Exploits 0, References 1

GithubExploit
added 2026/04/13 8:46 a.m., 177 views

Exploit for Deserialization of Untrusted Data in Wazuh

🚨 CVE-2026-25769 - Wazuh Insecure Deserialization RCE !Sev...

9.1 CVSS, 6.4 AI score, 0.00456 EPSS
Exploits 3

RedhatCVE
added 2026/03/26 3:4 p.m., 3 views

CVE-2026-25769

Wazuh is a free and open source platform used for threat prevention, detection, and response. Versions 4.0.0 through 4.14.2 have a Remote Code Execution (RCE) vulnerability due to Deserialization of Untrusted Data. All Wazuh deployments using cluster mode (master/worker architecture) and any...

9.1 CVSS, 6.2 AI score, 0.00456 EPSS
Exploits 3, References 1

NVD
added 2026/03/17 6:16 p.m., 2 views

CVE-2026-25769

Wazuh is a free and open source platform used for threat prevention, detection, and response. Versions 4.0.0 through 4.14.2 have a Remote Code Execution (RCE) vulnerability due to Deserialization of Untrusted Data. All Wazuh deployments using cluster mode (master/worker architecture) and any...

9.1 CVSS, 0.00456 EPSS
Exploits 3, References 2

EUVD
added 2026/03/17 5:41 p.m., 3 views

EUVD-2026-12595

Wazuh is a free and open source platform used for threat prevention, detection, and response. Versions 4.0.0 through 4.14.2 have a Remote Code Execution (RCE) vulnerability due to Deserialization of Untrusted Data. All Wazuh deployments using cluster mode (master/worker architecture) and any...

9.1 CVSS, 6 AI score, 0.00456 EPSS
Exploits 3, References 2

Positive Technologies
added 2025/10/29 12:0 a.m., 3 views

PT-2025-44367

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 3.0.5. Description: A parameter in the example dag decorator dag was not properly validated, potentially allowing a user of the Airflow UI to redirect the example to a malicious server and execute code on a worke...

4.6 CVSS, 7.1 AI score, 0.0016 EPSS
Exploits 0, References 6

IBM Security Bulletins
added 2025/09/08 2:30 p.m., 5 views

Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a cri-o security vulnerability (CVE-2024-8676)

Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability that may allow a malicious user to trick cri-o into restoring a pod that doesn't have CVE-2024-8676 Vulnerability Details CVEID: CVE-2024-8676 Description: A vulnerability was found in CRI-O, where it can be requested ...

7.4 CVSS, 6.4 AI score, 0.0031 EPSS
Exploits 0, Affected Software 1

Github Security Blog
added 2024/12/18 12:31 a.m., 8 views

Open Cluster Management vulnerable to Trust Boundary Violation

A flaw was found in Open Cluster Management (OCM) when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named...

7.5 CVSS, 6.6 AI score, 0.00169 EPSS
Exploits 0, References 7, Affected Software 1

CVE
added 2024/12/17 10:59 p.m., 44 views

CVE-2024-9779

CVE-2024-9779 – Open Cluster Management (OCM) is described across OSV/GHSA entries as a trust-boundary vulnerability in the cluster-manager workflow. The issue arises when a worker-node host runs the cluster-manager pod using a service account named “cluster-manager” bound to a ClusterRole that i...

7.5 CVSS, 7.4 AI score, 0.00169 EPSS
Exploits 0, References 5

Cvelist
added 2024/12/17 10:59 p.m., 19 views

CVE-2024-9779 Open-cluster-management-io/ocm: cluster-manager permissions may allow a worker node to obtain service account tokens

A flaw was found in Open Cluster Management (OCM) when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named...

7.5 CVSS, 0.00169 EPSS
Exploits 0, References 5

Vulnrichment
added 2024/12/17 10:59 p.m., 15 views

CVE-2024-9779 Open-cluster-management-io/ocm: cluster-manager permissions may allow a worker node to obtain service account tokens

A flaw was found in Open Cluster Management (OCM) when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named...

7.5 CVSS, 6.7 AI score, 0.00169 EPSS
Exploits 0, References 5

CNNVD
added 2024/12/17 12:0 a.m., 1 view

Open Cluster Management Security Vulnerability

Open Cluster Management (OCM) is a community-driven project of Open Cluster Management open source. Focused on multi-cluster and multi-cloud scenarios for Kubernetes applications. A security vulnerability exists in Open Cluster Management that stems from a vulnerability found in Open Cluster...

7.5 CVSS, 7.2 AI score, 0.00169 EPSS
Exploits 0, References 6

OSV
added 2024/08/29 6:0 p.m., 9 views

GHSA-MGWR-H7MV-FH29 Hwameistor Potential Permission Leakage of Cluster Level

Impact What kind of vulnerability is it? Who is impacted? This ClusterRole has verbs of resources. If a malicious user can access the worker node which has hwameistor's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster, resulting in a...

4.6 CVSS, 5.1 AI score, 0.00078 EPSS
Exploits 0, References 7

NVD
added 2024/08/28 8:15 p.m., 19 views

CVE-2024-45054

Hwameistor is an HA local storage system for cloud-native stateful workloads. This ClusterRole has verbs of resources. If a malicious user can access the worker node which has hwameistor's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster,...

6.7 CVSS, 0.00078 EPSS
Exploits 0, References 5

Vulnrichment
added 2024/08/28 7:50 p.m., 11 views

CVE-2024-45054 Potential Permission Leakage of Cluster Level in hwameistor

Hwameistor is an HA local storage system for cloud-native stateful workloads. This ClusterRole has verbs of resources. If a malicious user can access the worker node which has hwameistor's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster,...

2.8 CVSS, 6.8 AI score, 0.00078 EPSS
Exploits 0, References 5

Cvelist
added 2024/08/20 9:16 p.m., 14 views

CVE-2024-43403 Kanister has a potential risk which can be leveraged to make a cluster-level privilege escalation

Kanister is a data protection workflow management tool. The kanister has a deployment called default-kanister-operator, which is bound with a ClusterRole called edit via ClusterRoleBinding. The "edit" ClusterRole is one of Kubernetes default-created ClusterRole, and it has the create/patch/update...

8.8 CVSS, 0.00089 EPSS
Exploits 0, References 2

Vulnrichment
added 2024/08/20 9:16 p.m., 16 views

CVE-2024-43403 Kanister has a potential risk which can be leveraged to make a cluster-level privilege escalation

Kanister is a data protection workflow management tool. The kanister has a deployment called default-kanister-operator, which is bound with a ClusterRole called edit via ClusterRoleBinding. The "edit" ClusterRole is one of Kubernetes default-created ClusterRole, and it has the create/patch/update...

8.8 CVSS, 6.9 AI score, 0.00089 EPSS
Exploits 0, References 2