2389 matches found
Citrix SD-WAN Center - Local File Inclusion
Citrix SD-WAN Center is susceptible to local file inclusion via the applianceSettingsFileTransfer function in ApplianceSettingsController. The function does not sufficiently validate or sanitize HTTP request parameter values used to construct a file system path. An attacker can trigger this...
Citrix SD-WAN Center - Remote Command Injection
Citrix SD-WAN Center is susceptible to remote command injection via the ping function in DiagnosticsController, which does not sufficiently validate or sanitize HTTP request parameter values used to construct a shell command. An attacker can trigger this vulnerability by routing traffic through t...
CVE-2026-41484
OpenTelemetry.Exporter.OneCollector is a .NET exporter that sends telemetry to a OneCollector back-end over HTTP. In versions 1.15.0 and earlier, when a request to the configured back-end or collector results in an unsuccessful HTTP 4xx or 5xx response, the HttpJsonPostTransport class reads the...
CVE-2026-26204
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 1.0.0 to before version 4.14.4, a heap-based out-of-bounds WRITE occurs in GetAlertData, resulting in writing a NULL byte exactly 1 byte before the start of the buffer allocated by strdup. D...
GHSA-W2Q5-6Q6X-X959 vulnerabilities
Vulnerabilities for packages: thanos-receive-controller, rabbitmq-messaging-topology-operator-fips, volcano, tofu-controller, longhorn-manager-fips, cilium-certgen, sops-fips, helm-exporter-fips, knative-eventing-fips, terraform-provider-random, kube-oidc-proxy, mountpoint-s3-csi-driver,...
Security update 5.0.8 for Multi-Linux Manager Client Tools, Salt Bundle and Salt
This update fixes the following issues: golang-github-prometheus-nodeexporter: Version 1.10.2: meminfo: Fix typo in Zswap metric name Version 1.10.1: filesystem: Fix mount points being collected multiple times filesystem: Refactor mountinfo parsing bsc1261810 meminfo: Add Zswap/Zswapped metrics...
CVE-2026-27136 vulnerabilities
Vulnerabilities for packages: vale, kyverno, istio, minio, kubernetes-dashboard, loki, nerdctl, zot, gitea, grafana-pyroscope, cilium, k3s, step, kine, caddy, snyk-cli, crossplane-provider-azure-storage, hubble, terraform-provider-acme, prometheus-operator, helm, kubernetes, hydra,...
CVE-2026-42506 vulnerabilities
Vulnerabilities for packages: vale, kyverno, istio, minio, kubernetes-dashboard, loki, nerdctl, zot, gitea, grafana-pyroscope, cilium, k3s, step, kine, caddy, snyk-cli, crossplane-provider-azure-storage, hubble, terraform-provider-acme, prometheus-operator, helm, kubernetes, hydra,...
GHSA-CG87-VWWH-XVGJ vulnerabilities
Vulnerabilities for packages: vale, kyverno, istio, minio, kubernetes-dashboard, loki, nerdctl, zot, gitea, grafana-pyroscope, cilium, k3s, step, kine, caddy, snyk-cli, crossplane-provider-azure-storage, hubble, terraform-provider-acme, prometheus-operator, helm, kubernetes, hydra,...
GHSA-5CV4-JP36-H3MW vulnerabilities
Vulnerabilities for packages: vale, kyverno, istio, minio, kubernetes-dashboard, loki, nerdctl, zot, gitea, grafana-pyroscope, cilium, k3s, step, kine, caddy, snyk-cli, crossplane-provider-azure-storage, hubble, terraform-provider-acme, prometheus-operator, helm, kubernetes, hydra,...
CVE-2026-25681 vulnerabilities
Vulnerabilities for packages: vale, kyverno, istio, minio, kubernetes-dashboard, loki, nerdctl, zot, gitea, grafana-pyroscope, cilium, k3s, step, kine, caddy, snyk-cli, crossplane-provider-azure-storage, hubble, terraform-provider-acme, prometheus-operator, helm, kubernetes, hydra,...
GHSA-WRH2-89VG-4J9G vulnerabilities
Vulnerabilities for packages: vale, kyverno, istio, minio, kubernetes-dashboard, loki, nerdctl, zot, gitea, grafana-pyroscope, cilium, k3s, step, kine, caddy, snyk-cli, crossplane-provider-azure-storage, hubble, terraform-provider-acme, prometheus-operator, helm, kubernetes, hydra,...
CVE-2026-25680 vulnerabilities
Vulnerabilities for packages: vale, kyverno, istio, minio, kubernetes-dashboard, loki, nerdctl, zot, gitea, grafana-pyroscope, cilium, k3s, step, kine, caddy, snyk-cli, crossplane-provider-azure-storage, hubble, terraform-provider-acme, prometheus-operator, helm, kubernetes, hydra,...
GHSA-W9P8-PVXH-RXPJ vulnerabilities
Vulnerabilities for packages: vale, kyverno, istio, minio, kubernetes-dashboard, loki, nerdctl, zot, gitea, grafana-pyroscope, cilium, k3s, step, kine, caddy, snyk-cli, crossplane-provider-azure-storage, hubble, terraform-provider-acme, prometheus-operator, helm, kubernetes, hydra,...
GHSA-M9X8-M34X-FJ9Q vulnerabilities
Vulnerabilities for packages: vale, kyverno, istio, minio, kubernetes-dashboard, loki, nerdctl, zot, gitea, grafana-pyroscope, cilium, k3s, step, kine, caddy, snyk-cli, crossplane-provider-azure-storage, hubble, terraform-provider-acme, prometheus-operator, helm, kubernetes, hydra,...
GHSA-WRH2-89VG-4J9G vulnerabilities
Vulnerabilities for packages: kyverno, kubernetes-dashboard, istio-fips, crossplane-provider-azure-servicefabric, gitea-fips, step-ca-fips, virt-operator, hubble, opentelemetry-collector, traefik-fips, gitlab-rails-ce-fips, step, k6-fips, tenv-fips, loki, step-issuer, gptscript,...
GHSA-M9X8-M34X-FJ9Q vulnerabilities
Vulnerabilities for packages: kyverno, kubernetes-dashboard, istio-fips, crossplane-provider-azure-servicefabric, gitea-fips, step-ca-fips, virt-operator, hubble, opentelemetry-collector, traefik-fips, gitlab-rails-ce-fips, step, k6-fips, tenv-fips, loki, step-issuer, gptscript,...
CVE-2026-25680 vulnerabilities
Vulnerabilities for packages: kyverno, kubernetes-dashboard, istio-fips, crossplane-provider-azure-servicefabric, gitea-fips, step-ca-fips, virt-operator, hubble, opentelemetry-collector, traefik-fips, gitlab-rails-ce-fips, step, k6-fips, tenv-fips, loki, step-issuer, gptscript,...
CVE-2026-25681 vulnerabilities
Vulnerabilities for packages: kyverno, kubernetes-dashboard, istio-fips, crossplane-provider-azure-servicefabric, gitea-fips, step-ca-fips, virt-operator, hubble, opentelemetry-collector, traefik-fips, gitlab-rails-ce-fips, step, k6-fips, tenv-fips, loki, step-issuer, gptscript,...
CVE-2026-27136 vulnerabilities
Vulnerabilities for packages: kyverno, kubernetes-dashboard, istio-fips, crossplane-provider-azure-servicefabric, gitea-fips, step-ca-fips, virt-operator, hubble, opentelemetry-collector, traefik-fips, gitlab-rails-ce-fips, step, k6-fips, tenv-fips, loki, step-issuer, gptscript,...