Lucene search
21 matches found

EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2024-1331

Malicious code in bioql PyPI...

7.7 CVSS | 5.2 AI score | 0.00892 EPSS
Exploits: 0 | References: 11

Vulnrichment
added 2025/04/02 11:9 a.m. | 4 views

CVE-2025-2842 Tempo-operator: tempo operator token exposition lead to read sensitive data

A flaw was found in the Tempo Operator. When the Jaeger UI Monitor Tab functionality is enabled in a Tempo instance managed by the Tempo Operator, the Operator creates a ClusterRoleBinding for the Service Account of the Tempo instance to grant the cluster-monitoring-view ClusterRole. This can be...

4.3 CVSS | 6.9 AI score | 0.00331 EPSS
Exploits: 0 | References: 5

RedhatCVE
added 2025/04/02 11:7 a.m. | 19 views

CVE-2025-2842

A flaw was found in the Tempo Operator. When the Jaeger UI Monitor Tab functionality is enabled in a Tempo instance managed by the Tempo Operator, the Operator creates a ClusterRoleBinding for the Service Account of the Tempo instance to grant the cluster-monitoring-view ClusterRole. This can be...

4.3 CVSS | 6.9 AI score | 0.00331 EPSS
Exploits: 0 | References: 3

Positive Technologies
added 2025/04/02 12:0 a.m. | 6 views

PT-2025-14479

Name of the Vulnerable Software and Affected Versions Tempo Operator affected versions not specified Description A flaw was found in the Tempo Operator related to the Jaeger UI Monitor Tab functionality. When this functionality is enabled, the Operator creates a ClusterRoleBinding for the Service...

4.3 CVSS | 5.8 AI score | 0.00331 EPSS
Exploits: 0 | References: 16

SUSE CVE
added 2025/02/05 4:3 a.m. | 2 views

SUSE CVE-2024-13484

A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the...

8.2 CVSS | 6.6 AI score | 0.00218 EPSS
Exploits: 0 | References: 3

CVE
added 2025/01/28 5:54 p.m. | 137 views

CVE-2024-13484

Technical details for CVE-2024-13484 are not publicly provided in the connected documents. The SUSE advisories mention the CVE but do not supply affected products/versions or root-cause details. Monitor for updates.

8.2 CVSS | 8 AI score | 0.00218 EPSS
Exploits: 0 | References: 9

Vulnrichment
added 2025/01/28 5:54 p.m. | 5 views

CVE-2024-13484 Openshift-gitops-operator-container: namespace isolation break

A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the...

8.2 CVSS | 8 AI score | 0.00218 EPSS
Exploits: 0 | References: 9

Positive Technologies
added 2025/01/28 12:0 a.m. | 6 views

PT-2025-2188

Name of the Vulnerable Software and Affected Versions openshift-gitops-operator-container affected versions not specified ArgoCD affected versions not specified Description A flaw was found in the software, allowing a namespace to create a rogue PrometheusRule when the...

8.2 CVSS | 7 AI score | 0.00218 EPSS
Exploits: 0 | References: 50

CNNVD
added 2025/01/28 12:0 a.m. | 4 views

Argo CD security vulnerability

Argo CD is an Argo open source declarative GitOps continuous delivery tool for Kubernetes. A security vulnerability exists in Argo CD that stems from the fact that the openshift.io/cluster-monitoring tag is automatically applied to all namespaces where ArgoCD CR instances are deployed, allowing t...

8.2 CVSS | 6.9 AI score | 0.00218 EPSS
Exploits: 0 | References: 2

OSV
added 2024/06/05 3:10 p.m. | 18 views

GO-2024-2789 Cluster Monitoring Operator contains a credentials leak in github.com/openshift/cluster-monitoring-operator

Cluster Monitoring Operator contains a credentials leak in github.com/openshift/cluster-monitoring-operator...

7.7 CVSS | 7.5 AI score | 0.00892 EPSS
Exploits: 0 | References: 11

OSV
added 2024/04/25 6:30 p.m. | 14 views

GHSA-X5M7-63C6-FX79 Withdrawn Advisory: Cluster Monitoring Operator contains a credentials leak

Withdrawn Advisory This advisory has been withdrawn because the vulnerability does not affect a package in the Go registry. For more information, see the discussion here. This link is maintained to preserve external references. Original Description A credentials leak vulnerability was found in th...

7.7 CVSS | 7.5 AI score | 0.00892 EPSS
Exploits: 0 | References: 11

Github Security Blog
added 2024/04/25 6:30 p.m. | 14 views

Withdrawn Advisory: Cluster Monitoring Operator contains a credentials leak

Withdrawn Advisory This advisory has been withdrawn because the vulnerability does not affect a package in the Go registry. For more information, see the discussion here. This link is maintained to preserve external references. Original Description A credentials leak vulnerability was found in th...

7.7 CVSS | 7.5 AI score | 0.00892 EPSS
Exploits: 0 | References: 11 | Affected Software: 1

NVD
added 2024/04/25 5:15 p.m. | 17 views

CVE-2024-1139

A credentials leak vulnerability was found in the cluster monitoring operator in OCP. This issue may allow a remote attacker who has basic login credentials to check the pod manifest to discover a repository pull secret...

7.7 CVSS | 7.4 AI score | 0.00892 EPSS
Exploits: 0 | References: 6

Cvelist
added 2024/04/25 4:25 p.m. | 30 views

CVE-2024-1139 Cluster-monitoring-operator: credentials leak

A credentials leak vulnerability was found in the cluster monitoring operator in OCP. This issue may allow a remote attacker who has basic login credentials to check the pod manifest to discover a repository pull secret...

7.7 CVSS | 7.5 AI score | 0.00892 EPSS
Exploits: 0 | References: 6

CVE
added 2024/04/25 4:25 p.m. | 213 views

CVE-2024-1139

CVE-2024-1139 affects OpenShift Container Platform’s cluster-monitoring-operator. The root cause is a credentials leak where a repository pull secret can be accessed via pod manifest annotations (notably within the telemeter-client pod in openshift-monitoring). This could allow a user with basic ...

7.7 CVSS | 6.4 AI score | 0.00892 EPSS
Exploits: 0 | References: 6

RedhatCVE
added 2024/04/03 12:5 p.m. | 30 views

CVE-2024-1139

A credentials leak vulnerability was found in the cluster monitoring operator in OCP. This issue may allow a remote attacker who has basic login credentials to check the pod manifest to discover a repository pull secret...

7.7 CVSS | 7.3 AI score | 0.00892 EPSS
Exploits: 0 | References: 3

IBM Security Bulletins
added 2023/11/01 8:2 p.m. | 26 views

Security Bulletin: IBM Storage Ceph is vulnerable to Cross-site Scripting in Grafana (CVE-2023-22462)

Summary Grafana is used by IBM Storage Ceph as part of the dashboard to monitor the stats for each cluster. CVE-2023-22462 Vulnerability Details CVEID: CVE-2023-22462 DESCRIPTION: Grafana is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Text plugi...

6.4 CVSS | 6 AI score | 0.01562 EPSS
Exploits: 0 | Affected Software: 1

RedHat Linux
added 2020/02/19 7:55 p.m. | 8 views

Important: Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update

Red Hat OpenShift Container Platform release 3.11.170 is now available with updates to packages and images that fix several bugs. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This...

8.6 CVSS | 6.7 AI score | 0.87218 EPSS
Exploits: 4 | References: 13

OpenVAS
added 2011/03/24 12:0 a.m. | 26 views

Fedora Update for whatsup FEDORA-2011-2801

Check for the Version of whatsup OpenVAS Vulnerability Test Fedora Update for whatsup FEDORA-2011-2801 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

5 CVSS | 7.4 AI score | 0.27924 EPSS
Exploits: 1 | References: 2

securityvulns
added 2009/01/28 12:0 a.m. | 53 views

[SECURITY] [DSA 1710-1] New ganglia-monitor-core packages fix remote code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1710-1 [email protected] http://www.debian.org/security/ Steffen Joeris January 25, 2009 http://www.debian.org/security/faq -...

7.5 CVSS | 0.5 AI score | 0.05346 EPSS
Exploits: 0