2389 matches found
Citrix SD-WAN Center - Local File Inclusion
Citrix SD-WAN Center is susceptible to local file inclusion via the applianceSettingsFileTransfer function in ApplianceSettingsController. The function does not sufficiently validate or sanitize HTTP request parameter values used to construct a file system path. An attacker can trigger this...
Citrix SD-WAN Center - Remote Command Injection
Citrix SD-WAN Center is susceptible to remote command injection via the ping function in DiagnosticsController, which does not sufficiently validate or sanitize HTTP request parameter values used to construct a shell command. An attacker can trigger this vulnerability by routing traffic through t...
CVE-2026-41484
OpenTelemetry.Exporter.OneCollector is a .NET exporter that sends telemetry to a OneCollector back-end over HTTP. In versions 1.15.0 and earlier, when a request to the configured back-end or collector results in an unsuccessful HTTP 4xx or 5xx response, the HttpJsonPostTransport class reads the...
CVE-2026-26204
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 1.0.0 to before version 4.14.4, a heap-based out-of-bounds WRITE occurs in GetAlertData, resulting in writing a NULL byte exactly 1 byte before the start of the buffer allocated by strdup. D...
GHSA-W2Q5-6Q6X-X959 vulnerabilities
Vulnerabilities for packages: kuberay-apiserver, ops-agent, virt-controller, kserve-localmodelnode-agent-fips, kubernetes-csi-external-resizer, grype-fips, vexctl, azcopy-fips, aws-otel-collector-fips, chainloop-artifact-cas-fips, db-operator-fips, spegel-fips, kubernetes, azuredisk-csi,...
Security update 5.0.8 for Multi-Linux Manager Client Tools, Salt Bundle and Salt
This update fixes the following issues: golang-github-prometheus-nodeexporter: Version 1.10.2: meminfo: Fix typo in Zswap metric name Version 1.10.1: filesystem: Fix mount points being collected multiple times filesystem: Refactor mountinfo parsing bsc1261810 meminfo: Add Zswap/Zswapped metrics...
CVE-2026-27136 vulnerabilities
Vulnerabilities for packages: flux, istio, kots, fq, kubernetes, crossplane-provider-azure-storage, nerdctl, argo-cd, hydra, traefik, prometheus-operator, gptscript, k3s, terraform-provider-acme, kubernetes-dashboard, kine, caddy, glab, minio, step-issuer, snyk-cli, opentelemetry-collector,...
CVE-2026-42506 vulnerabilities
Vulnerabilities for packages: flux, istio, kots, fq, kubernetes, crossplane-provider-azure-storage, nerdctl, argo-cd, hydra, traefik, prometheus-operator, gptscript, k3s, terraform-provider-acme, kubernetes-dashboard, kine, caddy, glab, minio, step-issuer, snyk-cli, opentelemetry-collector,...
GHSA-5CV4-JP36-H3MW vulnerabilities
Vulnerabilities for packages: flux, istio, kots, fq, kubernetes, crossplane-provider-azure-storage, nerdctl, argo-cd, hydra, traefik, prometheus-operator, gptscript, k3s, terraform-provider-acme, kubernetes-dashboard, kine, caddy, glab, minio, step-issuer, snyk-cli, opentelemetry-collector,...
GHSA-CG87-VWWH-XVGJ vulnerabilities
Vulnerabilities for packages: flux, istio, kots, fq, kubernetes, crossplane-provider-azure-storage, nerdctl, argo-cd, hydra, traefik, prometheus-operator, gptscript, k3s, terraform-provider-acme, kubernetes-dashboard, kine, caddy, glab, minio, step-issuer, snyk-cli, opentelemetry-collector,...
CVE-2026-25681 vulnerabilities
Vulnerabilities for packages: flux, istio, kots, fq, kubernetes, crossplane-provider-azure-storage, nerdctl, argo-cd, hydra, traefik, prometheus-operator, gptscript, k3s, terraform-provider-acme, kubernetes-dashboard, kine, caddy, glab, minio, step-issuer, snyk-cli, opentelemetry-collector,...
GHSA-WRH2-89VG-4J9G vulnerabilities
Vulnerabilities for packages: flux, istio, kots, fq, kubernetes, crossplane-provider-azure-storage, nerdctl, argo-cd, hydra, traefik, prometheus-operator, gptscript, k3s, terraform-provider-acme, kubernetes-dashboard, kine, caddy, glab, minio, step-issuer, snyk-cli, opentelemetry-collector,...
CVE-2026-25680 vulnerabilities
Vulnerabilities for packages: flux, istio, kots, fq, kubernetes, crossplane-provider-azure-storage, nerdctl, argo-cd, hydra, traefik, prometheus-operator, gptscript, k3s, terraform-provider-acme, kubernetes-dashboard, kine, caddy, glab, minio, step-issuer, snyk-cli, opentelemetry-collector,...
GHSA-W9P8-PVXH-RXPJ vulnerabilities
Vulnerabilities for packages: flux, istio, kots, fq, kubernetes, crossplane-provider-azure-storage, nerdctl, argo-cd, hydra, traefik, prometheus-operator, gptscript, k3s, terraform-provider-acme, kubernetes-dashboard, kine, caddy, glab, minio, step-issuer, snyk-cli, opentelemetry-collector,...
GHSA-M9X8-M34X-FJ9Q vulnerabilities
Vulnerabilities for packages: flux, istio, kots, fq, kubernetes, crossplane-provider-azure-storage, nerdctl, argo-cd, hydra, traefik, prometheus-operator, gptscript, k3s, terraform-provider-acme, kubernetes-dashboard, kine, caddy, glab, minio, step-issuer, snyk-cli, opentelemetry-collector,...
GHSA-WRH2-89VG-4J9G vulnerabilities
Vulnerabilities for packages: terraform-provider-acme-fips, vale, k6-fips, gitea-fips, argo-cd-fips, crossplane-provider-azure-storage, grafana-pyroscope, kubernetes-dashboard, backup-restore-operator, terraform-provider-acme, snyk-cli, gitea, gotrue, crossplane-provider-azure-web,...
GHSA-M9X8-M34X-FJ9Q vulnerabilities
Vulnerabilities for packages: terraform-provider-acme-fips, vale, k6-fips, gitea-fips, argo-cd-fips, crossplane-provider-azure-storage, grafana-pyroscope, kubernetes-dashboard, backup-restore-operator, terraform-provider-acme, snyk-cli, gitea, gotrue, crossplane-provider-azure-web,...
CVE-2026-25681 vulnerabilities
Vulnerabilities for packages: terraform-provider-acme-fips, vale, k6-fips, gitea-fips, argo-cd-fips, crossplane-provider-azure-storage, grafana-pyroscope, kubernetes-dashboard, backup-restore-operator, terraform-provider-acme, snyk-cli, gitea, gotrue, crossplane-provider-azure-web,...
CVE-2026-25680 vulnerabilities
Vulnerabilities for packages: terraform-provider-acme-fips, vale, k6-fips, gitea-fips, argo-cd-fips, crossplane-provider-azure-storage, grafana-pyroscope, kubernetes-dashboard, backup-restore-operator, terraform-provider-acme, snyk-cli, gitea, gotrue, crossplane-provider-azure-web,...
GHSA-CG87-VWWH-XVGJ vulnerabilities
Vulnerabilities for packages: terraform-provider-acme-fips, vale, k6-fips, gitea-fips, argo-cd-fips, crossplane-provider-azure-storage, grafana-pyroscope, kubernetes-dashboard, backup-restore-operator, terraform-provider-acme, snyk-cli, gitea, gotrue, crossplane-provider-azure-web,...