58 matches found
CVE-2026-41579 vulnerabilities
Vulnerabilities for packages: buildah-fips, prometheus-podman-exporter, nvidia-container-toolkit, sriov-network-device-plugin, k8s-device-plugin-fips, rancher-agent, podman-fips, node-feature-discovery, sriov-network-device-plugin-fips, k8s-device-plugin, node-feature-discovery-fips...
GHSA-XJVP-4FHW-GC47 vulnerabilities
Vulnerabilities for packages: buildah-fips, prometheus-podman-exporter, nvidia-container-toolkit, sriov-network-device-plugin, k8s-device-plugin-fips, rancher-agent, podman-fips, node-feature-discovery, sriov-network-device-plugin-fips, k8s-device-plugin, node-feature-discovery-fips...
GHSA-XJVP-4FHW-GC47 vulnerabilities
Vulnerabilities for packages: sriov-network-device-plugin, k8s-device-plugin, nvidia-container-toolkit, rancher-agent, node-feature-discovery...
CVE-2026-41579 vulnerabilities
Vulnerabilities for packages: sriov-network-device-plugin, k8s-device-plugin, nvidia-container-toolkit, rancher-agent, node-feature-discovery...
CVE-2026-42506 affecting package sriov-network-device-plugin for versions less than 3.7.0-6
CVE-2026-42506 affecting package sriov-network-device-plugin for versions less than 3.7.0-6. A patched version of the package is available...
CVE-2026-25681 affecting package sriov-network-device-plugin for versions less than 3.7.0-6
CVE-2026-25681 affecting package sriov-network-device-plugin for versions less than 3.7.0-6. A patched version of the package is available...
CVE-2026-42502 affecting package sriov-network-device-plugin for versions less than 3.7.0-6
CVE-2026-42502 affecting package sriov-network-device-plugin for versions less than 3.7.0-6. A patched version of the package is available...
CVE-2026-27136 affecting package sriov-network-device-plugin for versions less than 3.7.0-6
CVE-2026-27136 affecting package sriov-network-device-plugin for versions less than 3.7.0-6. A patched version of the package is available...
CVE-2026-25680 affecting package sriov-network-device-plugin for versions less than 3.7.0-6
CVE-2026-25680 affecting package sriov-network-device-plugin for versions less than 3.7.0-6. A patched version of the package is available...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
CVE-2026-32282 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, zot, telegraf, gitaly, kubernetes, cilium-cli, istio, prometheus-operator, redka, flux, knative-operator, nerdctl, coredns, kubescape, fscrypt, cert-manager, gatekeeper, kube-fluentd-operator, net-kourier, ingress-nginx-controller,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: gke-gcloud-auth-plugin, memcached-exporter, kubernetes, terraform-provider-time, crossplane-provider-gcp, vendir, wal-g, amazon-k8s-cni, esbuild, haproxy-ingress, helm, datadog-agent, argo-events, gostatsd, influx, kube-logging-operator-custom-runner,...
CVE-2025-58190 affecting package sriov-network-device-plugin for versions less than 3.7.0-5
CVE-2025-58190 affecting package sriov-network-device-plugin for versions less than 3.7.0-5. A patched version of the package is available...
CVE-2025-47911 affecting package sriov-network-device-plugin for versions less than 3.7.0-5
CVE-2025-47911 affecting package sriov-network-device-plugin for versions less than 3.7.0-5. A patched version of the package is available...
CVE-2025-47911 affecting package sriov-network-device-plugin for versions less than 3.6.2-11
CVE-2025-47911 affecting package sriov-network-device-plugin for versions less than 3.6.2-11. A patched version of the package is available...
CVE-2025-58190 affecting package sriov-network-device-plugin for versions less than 3.6.2-11
CVE-2025-58190 affecting package sriov-network-device-plugin for versions less than 3.6.2-11. A patched version of the package is available...
Azure Linux 3.0 Security Update: sriov-network-device-plugin (CVE-2022-1996)
The version of sriov-network-device-plugin installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-1996 advisory. - Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restfu...
CVE-2025-58188 vulnerabilities
Vulnerabilities for packages: kubecolor, kube-arangodb-fips, crane-fips, kaf, prometheus-alertmanager, gendesk, kubernetes-csi-external-attacher-fips, ctop, speedtest-go, fscrypt, volsync, kube-logging-logging-operator, cluster-api, s5cmd, kubernetes-replicator, azure-workload-identity-webhook,...
CVE-2025-58189 vulnerabilities
Vulnerabilities for packages: kubecolor, kube-arangodb-fips, crane-fips, kaf, prometheus-alertmanager, gendesk, kubernetes-csi-external-attacher-fips, ctop, speedtest-go, fscrypt, volsync, kube-logging-logging-operator, cluster-api, s5cmd, kubernetes-replicator, azure-workload-identity-webhook,...
GHSA-CXQ7-XW9V-RCV3 vulnerabilities
Vulnerabilities for packages: kubecolor, kube-arangodb-fips, crane-fips, kaf, prometheus-alertmanager, gendesk, kubernetes-csi-external-attacher-fips, ctop, speedtest-go, fscrypt, volsync, kube-logging-logging-operator, cluster-api, s5cmd, kubernetes-replicator, azure-workload-identity-webhook,...