2389 matches found
Citrix SD-WAN Center - Local File Inclusion
Citrix SD-WAN Center is susceptible to local file inclusion via the applianceSettingsFileTransfer function in ApplianceSettingsController. The function does not sufficiently validate or sanitize HTTP request parameter values used to construct a file system path. An attacker can trigger this...
Citrix SD-WAN Center - Remote Command Injection
Citrix SD-WAN Center is susceptible to remote command injection via the ping function in DiagnosticsController, which does not sufficiently validate or sanitize HTTP request parameter values used to construct a shell command. An attacker can trigger this vulnerability by routing traffic through t...
CVE-2026-41484
OpenTelemetry.Exporter.OneCollector is a .NET exporter that sends telemetry to a OneCollector back-end over HTTP. In versions 1.15.0 and earlier, when a request to the configured back-end or collector results in an unsuccessful HTTP 4xx or 5xx response, the HttpJsonPostTransport class reads the...
CVE-2026-26204
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 1.0.0 to before version 4.14.4, a heap-based out-of-bounds WRITE occurs in GetAlertData, resulting in writing a NULL byte exactly 1 byte before the start of the buffer allocated by strdup. D...
GHSA-W2Q5-6Q6X-X959 vulnerabilities
Vulnerabilities for packages: terraform-provider-pagerduty-fips, kube-arangodb, knative-serving-fips, kubernetes-replicator-fips, virt-handler-fips, flux-fips, minio-object-browser, cert-exporter-fips, k6-operator, terraform-ls, apko, minio-operator, sops-fips, kserve-localmodelnode-agent-fips,...
Security update 5.0.8 for Multi-Linux Manager Client Tools, Salt Bundle and Salt
This update fixes the following issues: golang-github-prometheus-nodeexporter: Version 1.10.2: meminfo: Fix typo in Zswap metric name Version 1.10.1: filesystem: Fix mount points being collected multiple times filesystem: Refactor mountinfo parsing bsc1261810 meminfo: Add Zswap/Zswapped metrics...
CVE-2026-27136 vulnerabilities
Vulnerabilities for packages: nerdctl, grafana-pyroscope, argo-cd, minio, zot, kine, kubernetes-dashboard, kubernetes, cilium, crossplane-provider-azure-authorization, vale, fq, snyk-cli, telegraf, hubble, gptscript, flux, kots, glab, opentelemetry-collector, step, prometheus-operator,...
CVE-2026-42506 vulnerabilities
Vulnerabilities for packages: nerdctl, grafana-pyroscope, argo-cd, minio, zot, kine, kubernetes-dashboard, kubernetes, cilium, crossplane-provider-azure-authorization, vale, fq, snyk-cli, telegraf, hubble, gptscript, flux, kots, glab, opentelemetry-collector, step, prometheus-operator,...
GHSA-CG87-VWWH-XVGJ vulnerabilities
Vulnerabilities for packages: nerdctl, grafana-pyroscope, argo-cd, minio, zot, kine, kubernetes-dashboard, kubernetes, cilium, crossplane-provider-azure-authorization, vale, fq, snyk-cli, telegraf, hubble, gptscript, flux, kots, glab, opentelemetry-collector, step, prometheus-operator,...
GHSA-5CV4-JP36-H3MW vulnerabilities
Vulnerabilities for packages: nerdctl, grafana-pyroscope, argo-cd, minio, zot, kine, kubernetes-dashboard, kubernetes, cilium, crossplane-provider-azure-authorization, vale, fq, snyk-cli, telegraf, hubble, gptscript, flux, kots, glab, opentelemetry-collector, step, prometheus-operator,...
CVE-2026-25681 vulnerabilities
Vulnerabilities for packages: nerdctl, grafana-pyroscope, argo-cd, minio, zot, kine, kubernetes-dashboard, kubernetes, cilium, crossplane-provider-azure-authorization, vale, fq, snyk-cli, telegraf, hubble, gptscript, flux, kots, glab, opentelemetry-collector, step, prometheus-operator,...
GHSA-WRH2-89VG-4J9G vulnerabilities
Vulnerabilities for packages: nerdctl, grafana-pyroscope, argo-cd, minio, zot, kine, kubernetes-dashboard, kubernetes, cilium, crossplane-provider-azure-authorization, vale, fq, snyk-cli, telegraf, hubble, gptscript, flux, kots, glab, opentelemetry-collector, step, prometheus-operator,...
CVE-2026-25680 vulnerabilities
Vulnerabilities for packages: nerdctl, grafana-pyroscope, argo-cd, minio, zot, kine, kubernetes-dashboard, kubernetes, cilium, crossplane-provider-azure-authorization, vale, fq, snyk-cli, telegraf, hubble, gptscript, flux, kots, glab, opentelemetry-collector, step, prometheus-operator,...
GHSA-M9X8-M34X-FJ9Q vulnerabilities
Vulnerabilities for packages: nerdctl, grafana-pyroscope, argo-cd, minio, zot, kine, kubernetes-dashboard, kubernetes, cilium, crossplane-provider-azure-authorization, vale, fq, snyk-cli, telegraf, hubble, gptscript, flux, kots, glab, opentelemetry-collector, step, prometheus-operator,...
GHSA-W9P8-PVXH-RXPJ vulnerabilities
Vulnerabilities for packages: nerdctl, grafana-pyroscope, argo-cd, minio, zot, kine, kubernetes-dashboard, kubernetes, cilium, crossplane-provider-azure-authorization, vale, fq, snyk-cli, telegraf, hubble, gptscript, flux, kots, glab, opentelemetry-collector, step, prometheus-operator,...
GHSA-WRH2-89VG-4J9G vulnerabilities
Vulnerabilities for packages: caddy, argo-cd-fips, art, crossplane-provider-azure-netapp, fq, kine, kots, loki, tenv-fips, crossplane-provider-azure-policyinsights, caddy-fips, istio-fips, hydra, hubble, flux, vale, terraform-provider-acme-fips, nerdctl, ory-kratos-fips, tenv, virt-operator,...
GHSA-M9X8-M34X-FJ9Q vulnerabilities
Vulnerabilities for packages: caddy, argo-cd-fips, art, crossplane-provider-azure-netapp, fq, kine, kots, loki, tenv-fips, crossplane-provider-azure-policyinsights, caddy-fips, istio-fips, hydra, hubble, flux, vale, terraform-provider-acme-fips, nerdctl, ory-kratos-fips, tenv, virt-operator,...
CVE-2026-25680 vulnerabilities
Vulnerabilities for packages: caddy, argo-cd-fips, art, crossplane-provider-azure-netapp, fq, kine, kots, loki, tenv-fips, crossplane-provider-azure-policyinsights, caddy-fips, istio-fips, hydra, hubble, flux, vale, terraform-provider-acme-fips, nerdctl, ory-kratos-fips, tenv, virt-operator,...
CVE-2026-25681 vulnerabilities
Vulnerabilities for packages: caddy, argo-cd-fips, art, crossplane-provider-azure-netapp, fq, kine, kots, loki, tenv-fips, crossplane-provider-azure-policyinsights, caddy-fips, istio-fips, hydra, hubble, flux, vale, terraform-provider-acme-fips, nerdctl, ory-kratos-fips, tenv, virt-operator,...
GHSA-5CV4-JP36-H3MW vulnerabilities
Vulnerabilities for packages: caddy, argo-cd-fips, art, crossplane-provider-azure-netapp, fq, kine, kots, loki, tenv-fips, crossplane-provider-azure-policyinsights, caddy-fips, istio-fips, hydra, hubble, flux, vale, terraform-provider-acme-fips, nerdctl, ory-kratos-fips, tenv, virt-operator,...