55 matches found
CVE-2026-42505 vulnerabilities
Vulnerabilities for packages: prometheus-redis-exporter-fips, crossplane-provider-aws-lakeformation-fips, cluster-api-provider-vsphere, docker-machine-driver-linode, harbor-registry-fips, mattermost, ginkgo, prometheus, livekit-server, yace-fips, wavefront-collector-for-kubernetes, hugo-fips,...
CVE-2026-42505 vulnerabilities
Vulnerabilities for packages: cert-exporter, crossplane-provider-aws-iam, crossplane-provider-aws-memorydb, gh, kube-metrics-adapter, addon-resizer, kube-fluentd-operator, metacontroller, govulncheck, mongo-tools, victoriametrics-operator, kubescape-operator, gitness, docker-cli-buildx,...
Security update for cloudflared (important)
openSUSE security update: security update for cloudflared ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20893-1 Rating: important References: bsc1234582 bsc1239422 bsc1253918 bsc1265920 bsc1266794 Cross-References: CVE-2024-45337 CVE-2025-22869...
OPENSUSE-SU-2026:20893-1 Security update for cloudflared
This update for cloudflared fixes the following issues: Changes in cloudflared: - Update version to 2026.5.2 Add more information to proxy-dns removal message Update tail command to use /management/logs endpoint Add cloudflared management token command Fix bugs Update golang.org/x/net to 0.55.0...
cloudflared-2026.5.2-1.1 on GA media (moderate)
cloudflared-2026.5.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10908-1 Rating: moderate Cross-References: CVE-2026-33814 CVE-2026-39821 CVSS scores: CVE-2026-33814 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-39821 SUSE : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:...
OPENSUSE-SU-2026:10908-1 cloudflared-2026.5.2-1.1 on GA media
These are all security issues fixed in the cloudflared-2026.5.2-1.1 package on the GA media of openSUSE Tumbleweed...
HAX open-apis: Credential Theft via Server-Side Request Forgery (SSRF) in open-apis
Summary Multiple functions conduct substring-only matching to validate hostnames to which basic authorization should be sent. An attacker can append the matched substrings to an attacker-controlled endpoint and capture authentication. Details api/services/website/cacheAddress.js,...
PT-2026-7491
A stack-use-after-return issue exists in the Arduino Core STM32 library prior to version 1.7.0. The pwm start function allocates a TIM HandleTypeDef structure on the stack and passes its address to HAL initialization routines, where it is stored in a global timer handle registry. After the functi...
cloudflared-2025.11.1-1.1 on GA media (moderate)
cloudflared-2025.11.1-1.1 on GA media Announcement ID: openSUSE-SU-2025:15763-1 Rating: moderate Cross-References: CVE-2025-22869 CVE-2025-58181 CVSS scores: CVE-2025-22869 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-22869 SUSE : 8.2...
OPENSUSE-SU-2025:15763-1 cloudflared-2025.11.1-1.1 on GA media
These are all security issues fixed in the cloudflared-2025.11.1-1.1 package on the GA media of openSUSE Tumbleweed...
Unleashing the Kraken ransomware group
In August 2025, Cisco Talos observed big-game hunting and double extortion attacks carried out by Kraken, a Russian-speaking group that has emerged from the remnants of the HelloKitty ransomware cartel. Talos observed in one intrusion that the Kraken actor exploited Server Message Block SMB...
EUVD-2021-1103
Malware in sbrugna...
EUVD-2023-0926
Malicious code in bioql PyPI...
Malicious code in cloudflared-x64 (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6406 Malicious code in cloudflared-x64 (npm)
--- -= Per source details. Do not edit below this line.=-...
GHSA-VRW8-FXC6-2R93 vulnerabilities
Vulnerabilities for packages: step, cloudflared, dapr, step-issuer, gogatekeeper, rclone, buf, step-ca, tkn, karma, sftpgo, caddy, telegraf, kyverno-policy-reporter-ui, gitness...
GHSA-VRW8-FXC6-2R93 vulnerabilities
Vulnerabilities for packages: telegraf, gitness, step-issuer, caddy, caddy-fips, step-issuer-fips, rclone-fips, fleet-server, rclone, dapr, dapr-fips, sftpgo, fleet-server-fips, karma, tkn, cloudflared, step-ca-fips, step-fips, gogatekeeper, tkn-fips, buf, step-ca, kyverno-policy-reporter-ui-fips...
cloudflared-2024.12.1-1.1 on GA media (moderate)
cloudflared-2024.12.1-1.1 on GA media Announcement ID: openSUSE-SU-2024:14585-1 Rating: moderate Cross-References: CVE-2024-45337 CVSS scores: CVE-2024-45337 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can...
OPENSUSE-SU-2024:14585-1 cloudflared-2024.12.1-1.1 on GA media
These are all security issues fixed in the cloudflared-2024.12.1-1.1 package on the GA media of openSUSE Tumbleweed...
GHSA-PX8V-PP82-RCVR vulnerabilities
Vulnerabilities for packages: buf, k3s, eks-distro, frp, kubernetes-dns-node-cache-fips, q, caddy, caddy-fips, cloudflared, coredns-fips, traefik-fips, spegel, eks-distro-fips, traefik, kubernetes-dns-node-cache, coredns...