Lucene search
K

222 matches found

Chainguard
Chainguard
added 2025/08/09 1:17 p.m.15 views

GHSA-J5PM-7495-QMR3 vulnerabilities

Vulnerabilities for packages: cilium-fips, terraform-provider-kubernetes, promxy, ksops, flux-image-automation-controller, rancher-webhook-fips, crossplane-provider-sql-fips, tekton-pipelines, kpt, kubernetes-dashboard-metrics-scraper-fips, gh, render-template, cilium-envoy, gitlab-cng,...

6.1AI score
Exploits0
SUSE CVE
SUSE CVE
added 2025/05/27 1:10 a.m.3 views

SUSE CVE-2025-47284

Gardener implements the automated management and operation of Kubernetes clusters as a service. A security vulnerability was discovered in the gardenlet component of Gardener prior to versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0. It could allow a user with administrative privileges for a...

9.9CVSS6.6AI score0.00374EPSS
Exploits0References3
CBLMariner
CBLMariner
added 2025/05/05 9:13 p.m.8 views

CVE-2025-22872 affecting package kube-vip-cloud-provider for versions less than 0.0.10-4

CVE-2025-22872 affecting package kube-vip-cloud-provider for versions less than 0.0.10-4. A patched version of the package is available...

6.5CVSS6.8AI score0.00478EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/04/11 6:10 p.m.10 views

CVE-2024-51744 affecting package kube-vip-cloud-provider for versions less than 0.0.2-22

CVE-2024-51744 affecting package kube-vip-cloud-provider for versions less than 0.0.2-22. A patched version of the package is available...

3.1CVSS4AI score0.00521EPSS
Exploits0
Wolfi
Wolfi
added 2025/03/22 4:43 p.m.50 views

CVE-2025-30204 vulnerabilities

Vulnerabilities for packages: git-sync, nuclei, scorecard, chezmoi, kubernetes, skaffold, falcosidekick, oauth2-proxy, prometheus, tekton-chains, sqlexporter, ko, opencost, octo-sts, grafana-mimir, restic, terraform-provider-azurerm, distribution, rancher, crossplane-provider-family-azure,...

7.5CVSS6.7AI score0.00693EPSS
Exploits0
Wolfi
Wolfi
added 2025/03/22 4:43 p.m.17 views

GHSA-MH63-6H87-95CP vulnerabilities

Vulnerabilities for packages: git-sync, nuclei, scorecard, chezmoi, kubernetes, skaffold, falcosidekick, oauth2-proxy, prometheus, tekton-chains, sqlexporter, ko, opencost, octo-sts, grafana-mimir, restic, terraform-provider-azurerm, distribution, rancher, crossplane-provider-family-azure,...

6.1AI score
Exploits0
CBLMariner
CBLMariner
added 2025/03/03 10:12 p.m.10 views

CVE-2025-27144 affecting package kube-vip-cloud-provider for versions less than 0.0.2-20

CVE-2025-27144 affecting package kube-vip-cloud-provider for versions less than 0.0.2-20. A patched version of the package is available...

8.7CVSS6.7AI score0.00369EPSS
Exploits0
Wolfi
Wolfi
added 2025/02/25 3:16 p.m.16 views

GHSA-7WRW-R4P8-38RX vulnerabilities

Vulnerabilities for packages: local-static-provisioner, stakater-reloader, aws-flb-firehose, kserve, git-lfs, kubernetes-csi-external-resizer, nri-cassandra, mods, kubewatch, spiffe-helper, distribution, yq, runc, kpt, wireguard-go, pdfcpu, rabbitmq-messaging-topology-operator, lazydocker, swagge...

6.1AI score
Exploits0
Fedora
Fedora
added 2025/02/13 2:2 a.m.10 views

[SECURITY] Fedora 40 Update: rust-afterburn-5.7.0-3.fc40

A simple cloud provider agent...

7.3AI score
Exploits0
Fedora
Fedora
added 2025/02/08 2:18 a.m.11 views

[SECURITY] Fedora 41 Update: rust-afterburn-5.7.0-3.fc41

A simple cloud provider agent...

7.3AI score
Exploits0
CBLMariner
CBLMariner
added 2025/01/21 11:41 p.m.17 views

CVE-2024-45338 affecting package kube-vip-cloud-provider for versions less than 0.0.10-3

CVE-2024-45338 affecting package kube-vip-cloud-provider for versions less than 0.0.10-3. A patched version of the package is available...

5.3CVSS7.3AI score0.00856EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.7 views

The vulnerabilities of vSphere CPI (Cloud Provider Interface) and vSphere CSI (Container Storage Interface), which are software platforms for deploying containers in a production environment, allow attackers to exploit them to disclose sensitive information.

The vulnerability of vSphere CPI Cloud Provider Interface and vSphere CSI Container Storage Interface, two components of the software platform for container deployment in a production environment, is related to insufficient protection of registration data. Exploiting this vulnerability can allow ...

9.1CVSS7.1AI score0.00438EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/11/26 12:15 p.m.3 views

CVE-2024-38834

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to cloud provider might be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations...

4.8CVSS5.7AI score0.0032EPSS
Exploits0References1
NVD
NVD
added 2024/11/26 12:15 p.m.16 views

CVE-2024-38834

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to cloud provider might be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations...

6.5CVSS0.0032EPSS
Exploits0References1
CVE
CVE
added 2024/11/26 11:56 a.m.64 views

CVE-2024-38834

CVE-2024-38834 is a stored cross-site scripting vulnerability in VMware Aria Operations. The issue allows a malicious actor with editing access to cloud provider settings or views to inject scripts, leading to stored XSS in the product. The vulnerability is documented across multiple sources (NVD...

6.5CVSS6.1AI score0.0032EPSS
Exploits0References1Affected Software2
CNNVD
CNNVD
added 2024/11/26 12:0 a.m.5 views

VMware Aria Operations 安全漏洞

VMware Aria Operations is a unified, AI-driven, self-driving IT operations management platform for private, hybrid and multi-cloud environments from VMware, Inc. A security vulnerability exists in VMware Aria Operations, which stems from the possibility that a malicious actor capable of editing a...

6.5CVSS5.7AI score0.0032EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/26 12:0 a.m.5 views

PT-2024-8792 · Vmware · Vmware Aria Operations

Name of the Vulnerable Software and Affected Versions: VMware Aria Operations affected versions not specified Description: The issue is related to a stored cross-site scripting vulnerability in VMware Aria Operations. This vulnerability can be exploited by a malicious actor with editing access to...

6.5CVSS6.2AI score0.0032EPSS
Exploits0References6
OSV
OSV
added 2024/11/13 1:39 p.m.7 views

CVE-2022-45157 Exposure of vSphere's CPI and CSI credentials in Rancher

A vulnerability has been identified in the way that Rancher stores vSphere's CPI Cloud Provider Interface and CSI Container Storage Interface credentials used to deploy clusters through the vSphere cloud provider. This issue leads to the vSphere CPI and CSI passwords being stored in a plaintext...

8.5CVSS6.9AI score0.00438EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2024/10/25 3:48 a.m.4 views

SUSE CVE-2022-45157

A vulnerability has been identified in the way that Rancher stores vSphere's CPI Cloud Provider Interface and CSI Container Storage Interface credentials used to deploy clusters through the vSphere cloud provider. This issue leads to the vSphere CPI and CSI passwords being stored in a plaintext...

9.1CVSS6.8AI score0.00438EPSS
Exploits0References7
CBLMariner
CBLMariner
added 2024/10/15 11:45 p.m.16 views

CVE-2024-28180 affecting package kube-vip-cloud-provider for versions less than 0.0.2-19

CVE-2024-28180 affecting package kube-vip-cloud-provider for versions less than 0.0.2-19. A patched version of the package is available...

4.3CVSS5.2AI score0.01956EPSS
Exploits0
Rows per page
Query Builder