CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: thanos-receive-controller-fips, custom-pod-autoscaler-fips, secrets-store-csi-driver-provider-azure-fips, nats-top-fips, fleet-server-fips, kubernetes-dashboard-web, spegel, consul-k8s-fips, k3s, crossplane-provider-sql-fips, logstash-exporter-fips,...

GHSA-9H8M-3FM2-QJRQ vulnerabilities

Vulnerabilities for packages: headlamp-fips, k3s, policy-controller, pulumi-kubernetes-operator, keda, spire-server, coredns, seaweedfs, trufflehog-fips, docker-cli-buildx-fips, packer-fips, elastic-agent-fips, conftest-fips, skaffold, rancher-webhook, sftpgo-plugin-kms, eks-distro-fips,...

Oracle E-Business Suite CVE-2025-61882 RCE

This module exploits CVE-2025-61882 in Oracle E-Business Suite by combining SSRF, Path Traversal, HTTP request smuggling and XSLT injection. The exploit hosts a malicious XSL file that the target will fetch and process, leading to RCE. This module provides an interactive shell session. Vulnerable...

GHSA-5MH9-3JWC-RP59 vulnerabilities

Vulnerabilities for packages: scanner-test-golang-vulnerability-fixed, custom-pod-autoscaler-fips, fleet-server-fips, headlamp-fips, kubernetes-dashboard-web, consul-k8s-fips, logstash-exporter-fips, crossplane-provider-sql-fips, terraform-provider-tls-fips, dataplaneapi-fips, policy-controller,...

Exploit for Missing Authentication for Critical Function in Oracle Marketing

✨ CVE-2025-62481 — Oracle Marketing Administration EBS Cri...

Exploit for Improper Authentication in Oracle Concurrent_Processing

CVE‑2025‑61882 Scan/Exploit ⚠️Legal Disclaimer Legal...

CVE-2025-61753

Vulnerability in the Oracle Scripting product of Oracle E-Business Suite component: Miscellaneous. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting. Successful...

Five New Exploited Bugs Land in CISA's Catalog — Oracle and Microsoft Among Targets

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added five security flaws to its Known Exploited Vulnerabilities KEV Catalog, officially confirming a recently disclosed vulnerability impacting Oracle E-Business Suite EBS has been weaponized in real-world attacks. The...

⚡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More

Every week, the cyber world reminds us that silence doesn't mean safety. Attacks often begin quietly — one unpatched flaw, one overlooked credential, one backup left unencrypted. By the time alarms sound, the damage is done. This week's edition looks at how attackers are changing the game — linki...

EUVD-2017-18214

Malware in sbrugna...

CVE-2025-30731

Vulnerability in the Oracle Applications Technology Stack product of Oracle E-Business Suite component: Configuration. Supported versions that are affected are 12.2.3-12.2.14. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: petname, datadog-agent, kubewatch, nats-server, nri-discovery-kubernetes, q, nri-mongodb, tflint, render-template, newrelic-prometheus-configurator, wireguard-go, pulumi-language-yaml, rabbitmq-cluster-operator, eksctl, kubeadm-bootstrap-controller, gomplate,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: petname, datadog-agent, kubewatch, nats-server, nri-discovery-kubernetes, q, nri-mongodb, tflint, render-template, newrelic-prometheus-configurator, wireguard-go, pulumi-language-yaml, rabbitmq-cluster-operator, eksctl, kubeadm-bootstrap-controller, gomplate,...

GHSA-49GW-VXVF-FC2G vulnerabilities

Vulnerabilities for packages: q, kubeadm-bootstrap-controller, k9s, crossplane-provider-aws, grafana-operator, nri-jmx, nri-apache, dagdotdev, addon-resizer, aws-flb-kinesis, mc, grafana-mimir, terragrunt, kubebuilder, minify, wgcf, slsa-verifier, kind, kuberay-operator, nri-elasticsearch,...

GHSA-PXHW-596R-RWQ5 vulnerabilities

Vulnerabilities for packages: argocd-image-updater, ip-masq-agent, nodetaint, aws-efs-csi-driver, kubernetes-csi-driver-hostpath, kubeflow-pipelines, spark-operator, kubernetes-dns-node-cache, kubernetes, local-static-provisioner...

CVE-2024-3177 vulnerabilities

Vulnerabilities for packages: argocd-image-updater, ip-masq-agent, nodetaint, aws-efs-csi-driver, kubernetes-csi-driver-hostpath, kubeflow-pipelines, spark-operator, kubernetes-dns-node-cache, kubernetes, local-static-provisioner...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: datadog-agent, kargo, kubewatch, atlantis, nri-discovery-kubernetes, kots, tflint, falcoctl, crossplane-provider-family-azure, crossplane-provider-aws-cloudfront, newrelic-nri-kube-events, kubernetes-csi-driver-hostpath, pulumi-language-yaml, rabbitmq-cluster-operato...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: petname, datadog-agent, kubewatch, nats-server, nri-discovery-kubernetes, q, nri-mongodb, tflint, render-template, newrelic-prometheus-configurator, wireguard-go, pulumi-language-yaml, rabbitmq-cluster-operator, eksctl, kubeadm-bootstrap-controller, gomplate,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: k3s, logstash-exporter-fips, rook, policy-controller, cert-manager-fips, pulumi-kubernetes-operator, spire-server, kube-oidc-proxy, coredns, trust-manager, flux-kustomize-controller, skaffold, conftest-fips, certificate-transparency, prometheus-redis-exporter,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: nri-discovery-kubernetes, sbom-scorecard, scorecard, nats, kube-logging-logging-operator, prometheus-bind-exporter, go-licenses, flannel-cni-plugin, aactl, gobuster, render-template, grpcurl, aws-flb-kinesis, configmap-reload, prometheus-adapter-fips, ctop,...