Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedHat Linux
RedHat Linuxadded 2026/05/26 2:55 p.m.9 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.20.4 security update

Important: Red Hat OpenShift GitOps v1.20.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8784 Service-CA annotation removed from argocd-server Service during v1.12.3 - v1.12.4 upgrade path, persists in later versions GITOPS-9549...

9.6CVSS5.8AI score0.00022EPSS
Exploits2References5
RedHat Linux
RedHat Linuxadded 2026/05/26 2:49 p.m.9 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.19.4 security update

Important: Red Hat OpenShift GitOps v1.19.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8784 Service-CA annotation removed from argocd-server Service during v1.12.3 - v1.12.4 upgrade path, persists in later versions...

9.8CVSS6.6AI score0.00044EPSS
Exploits4References7
Veracode
Veracodeadded 2025/11/20 5:39 a.m.5 views

Denial-of-service (DoS)

github.com/argoproj/argo-cd is vulnerable to a denial-of-service DoS. The vulnerability is due to Argo CD’s /api/webhook endpoint accessing an array index without validating its length, which allows an attacker to crash the argocd-server process using a single unauthenticated HTTP POST with an...

7.5CVSS7.1AI score0.00043EPSS
Exploits1References5Affected Software2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-31767

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.00239EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2025/10/01 9:9 p.m.1 views

CVE-2025-59538 Argo CD is Vulnerable to Unauthenticated Remote DoS via malformed Azure DevOps git.push webhook

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. For versions 2.9.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.6 and 3.0.17, when the webhook.azuredevops.username and webhook.azuredevops.password are not set in the default configuration, the /api/webhook endpoi...

7.5CVSS6.5AI score0.00043EPSS
Exploits1References2
CNVD
CNVDadded 2020/04/09 12:0 a.m.2 views

Argo Authorization Issues Vulnerability

Argo is an open source container native workflow engine. Argo suffers from an authorization issue vulnerability that stems from the program setting the default administrator password to the argocd-server container group name. An attacker can exploit this vulnerability to gain administrator...

8.8CVSS7.2AI score0.00429EPSS
Exploits1References1
CVE
CVEadded 2020/04/08 7:49 p.m.64 views

CVE-2020-8828

CVE-2020-8828 affects Argo CD (v1.5.0 and earlier) where the default admin password is set to the argocd-server pod name. This creates privilege-escalation risk for insiders with cluster or log access due to Argo’s privileged roles. The impact is described as a privileged-escape scenario for atta...

8.8CVSS8.6AI score0.00429EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistadded 2020/04/08 7:49 p.m.14 views

CVE-2020-8828

As of v1.5.0, the default admin password is set to the argocd-server pod name. For insiders with access to the cluster or logs, this issue could be abused for privilege escalation, as Argo has privileged roles. A malicious insider is the most realistic threat, but pod names are not meant to be ke...

8.8AI score0.00429EPSS
Exploits1References3
Rows per page
Query Builder