53 matches found
CVE-2025-61724 vulnerabilities
Vulnerabilities for packages: fulcio, telegraf, flux-fips, k3d, kyverno-policy-reporter-plugins-trivy-fips, kubernetes-dashboard-metrics-scraper-fips, cloud-provider-azure, cert-exporter, crane, mountpoint-s3-csi-driver, nfs-subdir-external-provisioner, external-dns-fips, vault, lazydocker,...
CVE-2025-58188 vulnerabilities
Vulnerabilities for packages: fulcio, telegraf, flux-fips, k3d, kyverno-policy-reporter-plugins-trivy-fips, kubernetes-dashboard-metrics-scraper-fips, cloud-provider-azure, cert-exporter, crane, mountpoint-s3-csi-driver, nfs-subdir-external-provisioner, external-dns-fips, vault, lazydocker,...
CVE-2025-58189 vulnerabilities
Vulnerabilities for packages: fulcio, telegraf, flux-fips, k3d, kyverno-policy-reporter-plugins-trivy-fips, kubernetes-dashboard-metrics-scraper-fips, cloud-provider-azure, cert-exporter, crane, mountpoint-s3-csi-driver, nfs-subdir-external-provisioner, external-dns-fips, vault, lazydocker,...
cAdvisor Unauthenticated Access
cAdvisor short for container Advisor is an open-source tool developed by Google that provides real-time monitoring and performance analysis of running containers. By default, cAdvisor does not require authentication to access the application. This allows an attacker to access sensitive data. No...
openSUSE Security Advisory (openSUSE-SU-2025:0103-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 15 Security Update : cadvisor (openSUSE-SU-2025:0103-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:0103-1 advisory. - update to 0.52.1: Make resctrl optional/pluggable - update to 0.52.0: bump containerd related deps: api v1.8.0; errdefs v1.0.0; ttrpc v1.2.6...
OPENSUSE-SU-2025:0103-1 Security update for cadvisor
This update for cadvisor fixes the following issues: - update to 0.52.1: Make resctrl optional/pluggable - update to 0.52.0: bump containerd related deps: api v1.8.0; errdefs v1.0.0; ttrpc v1.2.6 chore: Update Prometheus libraries bump runc to v1.2.4 Add Pressure Stall Information Metrics Switch ...
Security update for cadvisor (moderate)
openSUSE Security Update: Security update for cadvisor Announcement ID: openSUSE-SU-2025:0103-1 Rating: moderate References: 1222192 1239291 Cross-References: CVE-2022-27664 CVE-2025-22868 CVSS scores: CVE-2022-27664 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-22868 SUSE: 8.7...
OPENSUSE-SU-2025:14904-1 cadvisor-0.52.1-1.1 on GA media
These are all security issues fixed in the cadvisor-0.52.1-1.1 package on the GA media of openSUSE Tumbleweed...
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: docker-credential-acr-env, metallb, kube-bench, kubernetes-dashboard, golangci-lint, kaf, cfssl, nri-discovery-kubernetes, render-template, gomplate, grpcurl, protoc-gen-go-grpc, slsa-verifier, supercronic, dgraph, nuclei, nri-couchbase, hey, shfmt,...
Fedora 37 : cadvisor / containerd / golang-github-cloudflare-redoctober / etc (2022-cd92e4cc43)
The remote Fedora 37 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2022-cd92e4cc43 advisory. Rebuild to mitigate CVE-2022-21698 rhbz2067400. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
GHSA-JFVP-7X6P-H2PV vulnerabilities
Vulnerabilities for packages: opentelemetry-collector-contrib, grafana-alloy, k3s, k8s-device-plugin, syft, podman, neuvector-scanner, ctop, docker, grype, kubernetes, runc, cadvisor, buildah...
CVE-2024-45310 vulnerabilities
Vulnerabilities for packages: opentelemetry-collector-contrib, grafana-alloy, k3s, k8s-device-plugin, syft, podman, neuvector-scanner, ctop, docker, grype, kubernetes, runc, cadvisor, buildah...
OPENSUSE-SU-2024:14121-1 cadvisor-0.49.1-1.1 on GA media
These are all security issues fixed in the cadvisor-0.49.1-1.1 package on the GA media of openSUSE Tumbleweed...
GHSA-2CGQ-H8XW-2V5J vulnerabilities
Vulnerabilities for packages: grype, neuvector-scanner, kubernetes, opentelemetry-collector-contrib, opentelemetry-collector-contrib-fips, ctop, kubernetes-fips, cadvisor, buildah, wolfictl, cadvisor-fips...
GHSA-C5PJ-MQFH-RVC3 vulnerabilities
Vulnerabilities for packages: docker...
CVE-2024-3154 vulnerabilities
Vulnerabilities for packages: grype, neuvector-scanner, kubernetes, opentelemetry-collector-contrib, opentelemetry-collector-contrib-fips, ctop, kubernetes-fips, cadvisor, buildah, wolfictl, cadvisor-fips...
Google cAdvisor REST API Improper Access Control Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Google cAdvisor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the REST API endpoint, which listens on TCP port 8080 by default. The issue...
Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. (CVE-2024-29964)
Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. An unprivileged attacker who gains access to the server can read sensitive information from these files...
CVE-2024-29018 vulnerabilities
Vulnerabilities for packages: zot, trivy, up, aactl, tkn, conftest, wolfictl, cadvisor-fips, loki, kubescape, crossplane, conftest-fips, prometheus, spire-server-fips, cadvisor, syft, ko, spire-server, datadog-agent, grype, kaniko, buildkitd, kargo, cilium-cli, ctop, dagger, datadog-agent-fips,...