2389 matches found
Citrix SD-WAN Center - Local File Inclusion
Citrix SD-WAN Center is susceptible to local file inclusion via the applianceSettingsFileTransfer function in ApplianceSettingsController. The function does not sufficiently validate or sanitize HTTP request parameter values used to construct a file system path. An attacker can trigger this...
Citrix SD-WAN Center - Remote Command Injection
Citrix SD-WAN Center is susceptible to remote command injection via the ping function in DiagnosticsController, which does not sufficiently validate or sanitize HTTP request parameter values used to construct a shell command. An attacker can trigger this vulnerability by routing traffic through t...
CVE-2026-41484
OpenTelemetry.Exporter.OneCollector is a .NET exporter that sends telemetry to a OneCollector back-end over HTTP. In versions 1.15.0 and earlier, when a request to the configured back-end or collector results in an unsuccessful HTTP 4xx or 5xx response, the HttpJsonPostTransport class reads the...
CVE-2026-26204
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 1.0.0 to before version 4.14.4, a heap-based out-of-bounds WRITE occurs in GetAlertData, resulting in writing a NULL byte exactly 1 byte before the start of the buffer allocated by strdup. D...
GHSA-W2Q5-6Q6X-X959 vulnerabilities
Vulnerabilities for packages: kubo, goreleaser, terraform-provider-azapi-fips, kiali-fips, cosign-fips, docker-cli-buildx-fips, helm-diff, cert-manager-csi-driver-fips, addon-resizer-fips, terraform-provider-kubernetes-fips, chisel, local-path-provisioner-fips, kaniko, aws-iam-authenticator, ster...
Security update 5.0.8 for Multi-Linux Manager Client Tools, Salt Bundle and Salt
This update fixes the following issues: golang-github-prometheus-nodeexporter: Version 1.10.2: meminfo: Fix typo in Zswap metric name Version 1.10.1: filesystem: Fix mount points being collected multiple times filesystem: Refactor mountinfo parsing bsc1261810 meminfo: Add Zswap/Zswapped metrics...
CVE-2026-27136 vulnerabilities
Vulnerabilities for packages: opentelemetry-collector, prometheus-operator, snyk-cli, glab, kine, loki, grafana-pyroscope, telegraf, traefik, kubernetes, cilium, step, zot, hydra, terraform-provider-acme, istio, vale, fq, gptscript, kubernetes-dashboard, k3s, step-issuer, flux, helm,...
CVE-2026-42506 vulnerabilities
Vulnerabilities for packages: opentelemetry-collector, prometheus-operator, snyk-cli, glab, kine, loki, grafana-pyroscope, telegraf, traefik, kubernetes, cilium, step, zot, hydra, terraform-provider-acme, istio, vale, fq, gptscript, kubernetes-dashboard, k3s, step-issuer, flux, helm,...
GHSA-5CV4-JP36-H3MW vulnerabilities
Vulnerabilities for packages: opentelemetry-collector, prometheus-operator, snyk-cli, glab, kine, loki, grafana-pyroscope, telegraf, traefik, kubernetes, cilium, step, zot, hydra, terraform-provider-acme, istio, vale, fq, gptscript, kubernetes-dashboard, k3s, step-issuer, flux, helm,...
CVE-2026-25681 vulnerabilities
Vulnerabilities for packages: opentelemetry-collector, prometheus-operator, snyk-cli, glab, kine, loki, grafana-pyroscope, telegraf, traefik, kubernetes, cilium, step, zot, hydra, terraform-provider-acme, istio, vale, fq, gptscript, kubernetes-dashboard, k3s, step-issuer, flux, helm,...
GHSA-CG87-VWWH-XVGJ vulnerabilities
Vulnerabilities for packages: opentelemetry-collector, prometheus-operator, snyk-cli, glab, kine, loki, grafana-pyroscope, telegraf, traefik, kubernetes, cilium, step, zot, hydra, terraform-provider-acme, istio, vale, fq, gptscript, kubernetes-dashboard, k3s, step-issuer, flux, helm,...
GHSA-WRH2-89VG-4J9G vulnerabilities
Vulnerabilities for packages: opentelemetry-collector, prometheus-operator, snyk-cli, glab, kine, loki, grafana-pyroscope, telegraf, traefik, kubernetes, cilium, step, zot, hydra, terraform-provider-acme, istio, vale, fq, gptscript, kubernetes-dashboard, k3s, step-issuer, flux, helm,...
CVE-2026-25680 vulnerabilities
Vulnerabilities for packages: opentelemetry-collector, prometheus-operator, snyk-cli, glab, kine, loki, grafana-pyroscope, telegraf, traefik, kubernetes, cilium, step, zot, hydra, terraform-provider-acme, istio, vale, fq, gptscript, kubernetes-dashboard, k3s, step-issuer, flux, helm,...
GHSA-M9X8-M34X-FJ9Q vulnerabilities
Vulnerabilities for packages: opentelemetry-collector, prometheus-operator, snyk-cli, glab, kine, loki, grafana-pyroscope, telegraf, traefik, kubernetes, cilium, step, zot, hydra, terraform-provider-acme, istio, vale, fq, gptscript, kubernetes-dashboard, k3s, step-issuer, flux, helm,...
GHSA-W9P8-PVXH-RXPJ vulnerabilities
Vulnerabilities for packages: opentelemetry-collector, prometheus-operator, snyk-cli, glab, kine, loki, grafana-pyroscope, telegraf, traefik, kubernetes, cilium, step, zot, hydra, terraform-provider-acme, istio, vale, fq, gptscript, kubernetes-dashboard, k3s, step-issuer, flux, helm,...
GHSA-M9X8-M34X-FJ9Q vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, istio, virt-operator-fips, crossplane-provider-azure-servicefabric, nerdctl, crossplane-provider-azure-streamanalytics, terraform-provider-acme-fips, kine, kyverno, minio, zot, crossplane-provider-azure-authorization, caddy-fips, gitea-fips, art...
GHSA-WRH2-89VG-4J9G vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, istio, virt-operator-fips, crossplane-provider-azure-servicefabric, nerdctl, crossplane-provider-azure-streamanalytics, terraform-provider-acme-fips, kine, kyverno, minio, zot, crossplane-provider-azure-authorization, caddy-fips, gitea-fips, art...
CVE-2026-25680 vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, istio, virt-operator-fips, crossplane-provider-azure-servicefabric, nerdctl, crossplane-provider-azure-streamanalytics, terraform-provider-acme-fips, kine, kyverno, minio, zot, crossplane-provider-azure-authorization, caddy-fips, gitea-fips, art...
CVE-2026-25681 vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, istio, virt-operator-fips, crossplane-provider-azure-servicefabric, nerdctl, crossplane-provider-azure-streamanalytics, terraform-provider-acme-fips, kine, kyverno, minio, zot, crossplane-provider-azure-authorization, caddy-fips, gitea-fips, art...
GHSA-CG87-VWWH-XVGJ vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, istio, virt-operator-fips, crossplane-provider-azure-servicefabric, nerdctl, crossplane-provider-azure-streamanalytics, terraform-provider-acme-fips, kine, kyverno, minio, zot, crossplane-provider-azure-authorization, caddy-fips, gitea-fips, art...