Lucene search
+L

277 matches found

NVD
NVD
added last week7 views

CVE-2026-55882

Tilt defines dev environments as code for microservice apps on Kubernetes. From 0.19.5 through 0.37.3, the Tilt HUD server mounts Go net/http/pprof handlers under /debug with no access control. When the HUD or apiserver listener is network-exposed, an unauthenticated caller can read process memor...

8.3CVSS0.00384EPSS
Exploits0References4
Chainguard
Chainguard
added 2026/07/09 8:31 p.m.7 views

CVE-2026-10532 vulnerabilities

Vulnerabilities for packages: airbyte-server-fips, s3proxy-fips, nextflow, nacos, zookeeper, keycloak-config-cli, nacos-docker, kafbat-ui-fips, cassandra, dependency-track-apiserver, s3proxy, apache-nifi-registry, apache-nifi, sonar-scanner-cli, management-api-for-apache-cassandra-4.0, thingsboar...

6.3CVSS5.1AI score0.00342EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/07/09 2:0 p.m.6 views

Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code

A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Servi...

8.7CVSS6AI score0.00656EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/07/08 3:52 p.m.4 views

Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code

A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Servi...

8.7CVSS6AI score0.00656EPSS
Exploits0References4
OSV
OSV
added 2026/06/19 1:58 p.m.8 views

GHSA-C73Q-8XXR-RGQM Tilt: Missing authentication on the network-exposed Tilt HUD server

Summary The Tilt HUD HTTP server exposes state-changing and sensitive-read endpoints with no authentication. When the HUD is bound to a non-loopback address, a network attacker can trigger the developer's pre-defined Tiltfile resources, tamper with Tiltfile arguments, read full engine state...

9.2CVSS6AI score0.00397EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/19 1:52 p.m.10 views

Tilt: Unauthenticated pprof debug endpoints on the Tilt HUD server

Summary The Tilt HUD server mounts Go's net/http/pprof handlers under /debug with no access control. When the HUD is network-exposed, an attacker can read process memory — including session and apiserver tokens — and hold the process under profiling. Details A blank import of net/http/pprof...

8.3CVSS6AI score0.00384EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.22 views

PT-2026-50980

Name of the Vulnerable Software and Affected Versions Tilt versions 0.20.8 through 0.37.3 Description The HUD HTTP server lacks authentication for state-changing and sensitive-read endpoints. When the HUD is bound to a non-loopback address, a network attacker can trigger pre-defined Tiltfile...

9.2CVSS5.9AI score0.00397EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.21 views

PT-2026-50978

Name of the Vulnerable Software and Affected Versions Tilt versions 0.19.5 through 0.37.3 Description The Tilt HUD server mounts Go's net/http/pprof handlers under the '/debug' endpoint without access control. When the HUD is network-exposed, an unauthenticated caller can read process memory via...

8.3CVSS6AI score0.00384EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/06/11 6:6 a.m.20 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.65 security and extras update

Red Hat OpenShift Container Platform release 4.15.65 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a security impact of...

9.1CVSS6.7AI score0.01557EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/05/20 10:49 a.m.13 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.42 security and extras update

Red Hat OpenShift Container Platform release 4.18.42 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a security impact of...

8.7CVSS5.9AI score0.00656EPSS
Exploits0References2
Chainguard
Chainguard
added 2026/05/07 1:17 a.m.12 views

CVE-2026-42198 vulnerabilities

Vulnerabilities for packages: keycloak-fips, debezium, kayenta, keycloak, camunda, nacos, dependency-track, apicurio-registry, nacos-docker, kayenta-fips, dependency-track-apiserver, flyway-fips, apache-hop, thingsboard, flyway, apache-hop-fips, hono, geoserver, guacamole-client, camunda-zeebe,...

7.5CVSS7.2AI score0.0077EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.10 views

RHCOS 4 : OpenShift Container Platform 4.2.29 openshift (RHSA-2020:1527)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:1527 advisory. - kubernetes: Use of unbounded 'client' label in apiserverrequesttotal allows for memory exhaustion CVE-2020-8552 Note that Nessus has not...

5.3CVSS5.8AI score0.02428EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/04 11:30 p.m.4 views

CVE-2026-7784

A vulnerability has been found in RTGS2017 NagaAgent up to 5.1.0. This issue affects some unknown processing of the file apiserver/routes/extensions.py of the component Skills Endpoint. Such manipulation of the argument Name leads to path traversal. It is possible to launch the attack remotely. T...

7.5CVSS6.6AI score0.00501EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.43 views

PT-2026-36933

Name of the Vulnerable Software and Affected Versions RTGS2017 NagaAgent versions prior to 5.1.1 Description Improper processing of the file 'apiserver/routes/extensions.py' within the Skills Endpoint component allows for a remote path traversal attack. This occurs through the manipulation of the...

7.5CVSS5.7AI score0.00501EPSS
Exploits0References8
Chainguard
Chainguard
added 2026/04/30 7:17 p.m.12 views

CVE-2026-40542 vulnerabilities

Vulnerabilities for packages: apache-nifi, opensearch, jbang, dependency-track-apiserver, pinot, opensearch-fips, trino, pinot-fips, dependency-track...

7.3CVSS5.1AI score0.00456EPSS
Exploits0
Chainguard
Chainguard
added 2026/04/30 7:17 p.m.9 views

GHSA-V468-QCJX-R72W vulnerabilities

Vulnerabilities for packages: apache-nifi, opensearch, jbang, dependency-track-apiserver, pinot, opensearch-fips, trino, pinot-fips, dependency-track...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/04/11 2:18 a.m.15 views

CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: actions-runner-controller-fips, crossplane-provider-sql-fips, kind, crossplane-provider-aws-backup, atlantis-fips, docker-machine-driver-linode, caddy, cluster-api-provider-vsphere, eksctl, dask-gateway, extism, nginx-prometheus-exporter, harbor-registry-fips,...

7.5CVSS7.2AI score0.00621EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/03/26 10:9 a.m.11 views

SUSE CVE-2025-14443

A flaw was found in ose-openshift-apiserver. This vulnerability allows internal network enumeration, service discovery, limited information disclosure, and potential denial-of-service DoS through Server-Side Request Forgery SSRF due to missing IP address and network-range validation when processi...

6.4CVSS5.8AI score0.00311EPSS
Exploits0References3
OSV
OSV
added 2026/03/10 6:28 p.m.2 views

GO-2026-4578 openshift-apiserver: SSRF via Missing IP/Network-Range Validation in User-Supplied Image References in github.com/openshift/openshift-apiserver

openshift-apiserver: SSRF via Missing IP/Network-Range Validation in User-Supplied Image References in github.com/openshift/openshift-apiserver...

6.4CVSS5.8AI score0.00311EPSS
Exploits0References6
Chainguard
Chainguard
added 2026/03/10 7:17 a.m.3 views

GHSA-WJPW-4J6X-6RWH vulnerabilities

Vulnerabilities for packages: spark, confluent-kafka, kafka-fips, confluent-kafka-jre-bcfips, pinot, zookeeper, pinot-fips, dependency-track, strimzi-kafka-operator, neo4j, dependency-track-apiserver, spark-kubernetes-operator, solr, celeborn, cloudwatch-exporter, apache-hop, wso2is,...

5.3AI score
Exploits0
Rows per page
Query Builder