74 matches found
CVE-2025-34318
IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting XSS vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the TLSHOSTNAME, UPSTREAMUSER, UPSTREAMPASSWORD, ADMINMAILADDRESS, and ADMINPASSWORD parameters when adding a new...
EUVD-2018-8646
Malware in sbrugna...
EUVD-2019-4045
Malware in sbrugna...
CVE-2025-50976
IPFire 2.29 DNS management interface dns.cgi fails to properly sanitize user-supplied input in the NAMESERVER, REMARK, and TLSHOSTNAME query parameters, resulting in a reflected cross-site scripting XSS vulnerability...
Dangling Danger: Why You Need to Focus on Your DNS Posture Management
...
SUSE CVE-2025-47282
Gardener External DNS Management is an environment to manage external DNS entries for a kubernetes cluster. A security vulnerability was discovered in Gardener's External DNS Management prior to version 0.23.6 that could allow a user with administrative privileges for a Gardener project or a user...
GO-2025-3697 Gardener External DNS Management allows malicious google credential in DNS secret to lead to privilege escalation in github.com/gardener/external-dns-management
Gardener External DNS Management allows malicious google credential in DNS secret to lead to privilege escalation in github.com/gardener/external-dns-management...
Privilege Escalation
github.com/gardener/external-dns-management is vulnerable to a privilege escalation. The vulnerability is due to insufficient isolation and access control between shoot clusters and the seed cluster in the external-dns-management component, which allows an attacker with admin access to a shoot...
Gardener External DNS Management allows malicious google credential in DNS secret to lead to privilege escalation
A security vulnerability was discovered in Gardener that could allow a user with administrative privileges for a Gardener project or a user with administrative privileges for a shoot cluster, including administrative privileges for a single namespace of the shoot cluster, to obtain control over t...
GHSA-XWGG-M7FX-83WX Gardener External DNS Management allows malicious google credential in DNS secret to lead to privilege escalation
A security vulnerability was discovered in Gardener that could allow a user with administrative privileges for a Gardener project or a user with administrative privileges for a shoot cluster, including administrative privileges for a single namespace of the shoot cluster, to obtain control over t...
CVE-2025-47282
Gardener External DNS Management is an environment to manage external DNS entries for a kubernetes cluster. A security vulnerability was discovered in Gardener's External DNS Management prior to version 0.23.6 that could allow a user with administrative privileges for a Gardener project or a user...
CVE-2025-47282 Malicious google credential in DNS secret can lead to privilege escalation
Gardener External DNS Management is an environment to manage external DNS entries for a kubernetes cluster. A security vulnerability was discovered in Gardener's External DNS Management prior to version 0.23.6 that could allow a user with administrative privileges for a Gardener project or a user...
CVE-2025-47282
CVE-2025-47282 affects Gardener External DNS Management (< 0.23.6) and, when enabled, the shoot-dns-service extension (= 0.23.6; for the extension, upgrade the shoot-dns-service extension beyond v1.60.0. If exploitation details are provided in the connected documents they are not included here...
CVE-2025-47282 Malicious google credential in DNS secret can lead to privilege escalation
Gardener External DNS Management is an environment to manage external DNS entries for a kubernetes cluster. A security vulnerability was discovered in Gardener's External DNS Management prior to version 0.23.6 that could allow a user with administrative privileges for a Gardener project or a user...
External DNS Management 输入验证错误漏洞
External DNS Management is a Gardener open source environment for managing external DNS entries for kubernetes clusters. An input validation error vulnerability exists in External DNS Management versions prior to 0.23.6, which stems from malicious Google credentials in DNS and could lead to...
PT-2025-22064 · Unknown · Gardener External Dns Management +1
Name of the Vulnerable Software and Affected Versions: Gardener External DNS Management versions prior to 0.23.6 gardener/gardener-extension-shoot-dns-service extension versions = v1.60.0 Description: A security issue was discovered in Gardener's External DNS Management that could allow a user wi...
[SECURITY] Fedora 40 Update: cobbler-3.3.7-1.fc40
Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. Cobbler's advanced features include importing distributions from DVDs and rsync mirrors,...
F5 BIG-IP 代码问题漏洞
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial-of-service vulnerability exists in the F5 BIG-IP DNS TMUI, which can be exploited by an authenticated attacker with ...
[SECURITY] Fedora 36 Update: golang-github-cloudflare-0.21.0-4.fc36
A Go library for interacting with Cloudflare's API v4. This library allows you to: - Manage and automate changes to your DNS records within Cloudflare - Manage and automate changes to your zones domains on Cloudflare, includi ng adding new zones to your account - List and modify the status of WAF...
Fedora: Security Advisory for cobbler (FEDORA-2022-445ec90e7c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...