Lucene search
K

36 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/01/30 5:13 p.m.30 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for January 2026.

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 24.0.0-IF008. Vulnerability Details CVEID:CVE-2019-17543 DESCRIPTION: LZ4 before 1.9.2 has a heap-based buffer overflow in...

8.3CVSS7.5AI score0.09116EPSS
Exploits4Affected Software2
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.7 views

TencentOS Server 4: kubernetes (TSSA-2024:0872)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0872 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

8.8CVSS6.6AI score0.02464EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2024/09/21 12:0 a.m.56 views

openSUSE: Security Advisory for kubernetes1.23 (SUSE-SU-2024:3341-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.7CVSS8.5AI score0.99999EPSS
Exploits21References4
OpenVAS
OpenVAS
added 2024/09/21 12:0 a.m.69 views

openSUSE: Security Advisory for kubernetes1.24 (SUSE-SU-2024:3343-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.7CVSS8.5AI score0.99999EPSS
Exploits21References4
OpenVAS
OpenVAS
added 2024/09/20 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2024:3343-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.7CVSS8.5AI score0.99999EPSS
Exploits21References20
OpenVAS
OpenVAS
added 2024/09/20 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2024:3341-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.7CVSS8.5AI score0.99999EPSS
Exploits21References20
Tenable Nessus
Tenable Nessus
added 2024/09/20 12:0 a.m.62 views

SUSE SLES15 Security Update : kubernetes1.24 (SUSE-SU-2024:3343-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3343-1 advisory. - CVE-2021-25743: escape, meta and control sequences in raw data output to terminal not neutralized. bsc1194400 - CVE-2023-2727:...

7.7CVSS7.4AI score0.99999EPSS
Exploits21References34
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/08 3:28 p.m.60 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable due to k8s.io/kubernetes ( CVE-2023-2728, CVE-2023-2727, CVE-2023-5408, CVE-2023-3955, CVE-2023-3676 )

Summary k8s.io/kubernetes is used by IBM Cloud Pak for Data as part of the platform. CVE-2023-2728, CVE-2023-2727, CVE-2023-5408, CVE-2023-3955, CVE-2023-3676. Vulnerability Details CVEID:CVE-2023-2728 DESCRIPTION: Kubernetes could allow a remote authenticated attacker to bypass security...

8.8CVSS7.3AI score0.11668EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.25 views

RHEL 9 : Red Hat build of MicroShift 4.14.0 (RHSA-2023:5008)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5008 advisory. Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built fr...

8CVSS7.2AI score0.02157EPSS
Exploits1References61
Rosalinux
Rosalinux
added 2024/04/23 12:1 p.m.52 views

Advisory ROSA-SA-2024-2405

software: kubernetes 1.25.15 WASP: ROSA-CHROME packageevrstring: kubernetes-1.25.15-1 CVE-ID: CVE-2023-2431 BDU-ID: 2023-03899 CVE-Crit: LOW CVE-DESC.: A vulnerability in the kubelet utility of the Kubernetes virtual machine cluster management software tool is related to insufficient validation o...

6.5CVSS5.9AI score0.02157EPSS
Exploits1
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.15 views

openSUSE: Security Advisory for kubernetes1.24 (SUSE-SU-2023:3260-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.1AI score0.02157EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2023/10/31 2:23 p.m.47 views

Important: Red Hat Security Advisory: Red Hat build of MicroShift 4.14.0 security update

Red Hat build of MicroShift release 4.14.0 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

8CVSS6.7AI score0.02157EPSS
Exploits1References53
Tenable Nessus
Tenable Nessus
added 2023/08/11 12:0 a.m.33 views

SUSE SLES15: kubernetes1.24-client / kubernetes1.24-client-bash-completion / etc (SUSE-SU-2023:3260-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3260-1 advisory. Update to version 1.24.16: - CVE-2023-2727: Fixed bypassing policies imposed by the ImagePolicyWebhook admission...

6.5CVSS6.7AI score0.02157EPSS
Exploits1References7
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/13 1:54 p.m.46 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes API server security vulnerability (CVE-2023-2728)

Summary IBM Cloud Kubernetes Service is affected by a security vulnerability in the Kubernetes API server that enables a user to bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers with the kubernetes.io/enforce-mountable-secrets...

6.5CVSS7.1AI score0.02157EPSS
Exploits1Affected Software1
Chainguard
Chainguard
added 2023/07/03 9:15 p.m.41 views

CVE-2023-2728 vulnerabilities

Vulnerabilities for packages: aws-ebs-csi-driver...

6.5CVSS6.7AI score0.02157EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2023/07/03 9:15 p.m.23 views

CVE-2023-2728

Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field...

6.5CVSS6.7AI score0.02157EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/07/03 8:6 p.m.25 views

CVE-2023-2728 Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin

Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field...

6.5CVSS6.8AI score0.02157EPSS
Exploits1References4
OSV
OSV
added 2023/07/03 8:6 p.m.19 views

CVE-2023-2728 Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin

Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field...

6.5CVSS6.6AI score0.02157EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2023/07/03 8:6 p.m.25 views

CVE-2023-2728 Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin

Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field...

6.5CVSS6.6AI score0.02157EPSS
Exploits1References4
CVE
CVE
added 2023/07/03 8:6 p.m.2769 views

CVE-2023-2728

CVE-2023-2728 : The vulnerability allows containers to bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when ephemeral containers are used. Kubernetes clusters are affected only if both the ServiceAccount admission plugin and the annotation kubernetes.io/enforce...

6.5CVSS6.6AI score0.02157EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder