Apache Airflow Databricks Provider Certificate Verification Bypass
The Apache Airflow Databricks Provider package disables TLS certificate verification when communicating with the Kubernetes API server during federated token exchange. Both the synchronous and asynchronous code paths use verify=False / ssl=False, allowing any attacker with network access within t...
CVE-2026-25770
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, a privilege escalation vulnerability exists in the Wazuh Manager's cluster synchronization protocol. The wazuh-clusterd service allows authenticated...
RHSA-2026:2484 Red Hat Security Advisory: pcs security update
Bulletin has no description...
EUVD-2025-131920
A flaw was found in the Observability Operator. The Operator creates a ServiceAccount with ClusterRole upon deployment of the Namespace-Scoped Custom Resource MonitorStack. This issue allows an adversarial Kubernetes Account with only namespaced-level roles, for example, a tenant controlling a...
CVE-2025-2843
The CVE-2025-2843 issue affects the Observability Operator. It creates a ServiceAccount with ClusterRole permissions when deploying the Namespace-Scoped MonitorStack CR, enabling a namespaced Kubernetes user to create a MonitorStack in their namespace and then escalate to cluster-level privileges...
EUVD-2018-7258
Malware in sbrugna...
EUVD-2010-3222
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-10153
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fencerhevm t...
CVE-2024-38346
The CloudStack cluster service runs on unauthenticated port default 9090 that can be misused to run arbitrary commands on targeted hypervisors and CloudStack management server hosts. Some of these commands were found to have command injection vulnerabilities that can result in arbitrary code...
CVE-2023-50275
HPE OneView may allow clusterService Authentication Bypass resulting in denial of service...
January 10, 2023—KB5022286 (OS Build 17763.3887) - EXPIRED
January 10, 2023—KB5022286 OS Build 17763.3887 - EXPIRED EXPIRATION NOTICE IMPORTANT - As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. Important: For...
Apache Tomcat 10.1 - Denial Of Service Exploit
Exploit Title: Apache Tomcat 10.1 - Denial Of Service Exploit Author: Cristian 'void' Giustini Vendor Homepage: https://tomcat.apache.org/ Software Link: https://tomcat.apache.org/download-10.cgi Version: = 10.1 Tested on: Apache Tomcat 10.0 Docker CVE : CVE-2022-29885 CVE Owner: 4ra1n Exploit...
February 14, 2023—KB5022840 (OS Build 17763.4010) - EXPIRED
February 14, 2023—KB5022840 OS Build 17763.4010 - EXPIRED EXPIRATION NOTICE IMPORTANT As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. 11/17/20 For...
October 11, 2022—KB5018419 (OS Build 17763.3532) - EXPIRED
October 11, 2022—KB5018419 OS Build 17763.3532 - EXPIRED EXPIRATION NOTICE IMPORTANT - As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. 10/11/22 REMINDER...
December 14, 2021—KB5008218 (OS Build 17763.2366)
December 14, 2021—KB5008218 OS Build 17763.2366 11/9/2021 IMPORTANT Because of minimal operations during the holidays and the upcoming Western new year, there won’t be a preview release known as a “C” release for the month of December 2021. There will be a monthly security release known as a “B”...
Code injection
It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included additional certificates. The Service CA is automatically mounted into all pods, allowing them to safely connect to trusted in-cluster services that present certificate...
CVE-2021-3636
It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included additional certificates. The Service CA is automatically mounted into all pods, allowing them to safely connect to trusted in-cluster services that present certificate...
December 8, 2020—KB4593226 (OS Build 14393.4104) - EXPIRED
December 8, 2020—KB4593226 OS Build 14393.4104 - EXPIRED NEW 8/5/21 EXPIRATION NOTICE IMPORTANT As of 8/5/2021, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality...
Hyper-V guest may freeze when it is running failover cluster service together with shared VHDX in Windows Server 2012 R2
Hyper-V guest may freeze when it is running failover cluster service together with shared VHDX in Windows Server 2012 R2 This article describes an issue that occurs when a Hyper-V guest is running failover cluster service together with a shared virtual hard disk VHDX in Windows Server 2012 R2...