CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: aws-flb-kinesis-fips, aws-flb-firehose, image-factory-fips, cloud-provider-gcp-cloud-controller-manager-fips, k8s-driver-manager, kyverno-policy-reporter-plugins-kyverno-fips, prometheus-beat-exporter-fips, amazon-cloudwatch-agent-operator, nsc-fips,...

GHSA-9H8M-3FM2-QJRQ vulnerabilities

Vulnerabilities for packages: zarf, kyverno-policy-reporter-plugins-kyverno-fips, skaffold-fips, kyverno, livekit-cli, percona-server-mongodb-operator-fips, kiali, apm-server, opentofu-fips, gitaly, prometheus, trivy, kaniko-fips, octo-sts, kube-metrics-adapter, steampipe, calico, gitlab-cng-fips...

Oracle E-Business Suite CVE-2025-61882 RCE

This module exploits CVE-2025-61882 in Oracle E-Business Suite by combining SSRF, Path Traversal, HTTP request smuggling and XSLT injection. The exploit hosts a malicious XSL file that the target will fetch and process, leading to RCE. This module provides an interactive shell session. Vulnerable...

GHSA-5MH9-3JWC-RP59 vulnerabilities

Vulnerabilities for packages: rabbitmq-cluster-operator-fips, nri-jmx, image-factory-fips, kyverno-policy-reporter-plugins-kyverno-fips, prometheus-beat-exporter-fips, nova, kubernetes-replicator-fips, kiali, x509-certificate-exporter-fips, opentofu-fips, newrelic-nri-kube-events-fips,...

Exploit for Missing Authentication for Critical Function in Oracle Marketing

✨ CVE-2025-62481 — Oracle Marketing Administration EBS Cri...

Exploit for Improper Authentication in Oracle Concurrent_Processing

CVE‑2025‑61882 Scan/Exploit ⚠️Legal Disclaimer Legal...

CVE-2025-61753

Vulnerability in the Oracle Scripting product of Oracle E-Business Suite component: Miscellaneous. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting. Successful...

Five New Exploited Bugs Land in CISA's Catalog — Oracle and Microsoft Among Targets

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added five security flaws to its Known Exploited Vulnerabilities KEV Catalog, officially confirming a recently disclosed vulnerability impacting Oracle E-Business Suite EBS has been weaponized in real-world attacks. The...

⚡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More

Every week, the cyber world reminds us that silence doesn't mean safety. Attacks often begin quietly — one unpatched flaw, one overlooked credential, one backup left unencrypted. By the time alarms sound, the damage is done. This week's edition looks at how attackers are changing the game — linki...

EUVD-2017-18214

Malware in sbrugna...

CVE-2025-30731

Vulnerability in the Oracle Applications Technology Stack product of Oracle E-Business Suite component: Configuration. Supported versions that are affected are 12.2.3-12.2.14. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: nri-couchbase, mockery, nri-apache, nodetaint, kustomize, nri-mssql, hello-world-golang, temporal, bom, pombump, dex, node-problem-detector, kube-bench, sonobuoy, eksctl, wireguard-go, capslock, cri-tools, govulncheck, cadvisor, grafana-operator, caddy,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: nri-couchbase, mockery, nri-apache, nodetaint, kustomize, nri-mssql, hello-world-golang, temporal, bom, pombump, dex, node-problem-detector, kube-bench, sonobuoy, eksctl, wireguard-go, capslock, cri-tools, govulncheck, cadvisor, grafana-operator, caddy,...

GHSA-49GW-VXVF-FC2G vulnerabilities

Vulnerabilities for packages: rabbitmq-messaging-topology-operator, wgcf, bank-vaults, nri-mssql, vcluster, wireguard-go, flannel, step, cri-tools, kubecolor, kind, mage, ip-masq-agent, gitleaks, tailscale, terragrunt, cortex, nri-kubernetes, newrelic-infrastructure-agent, xcaddy, helm-push,...

GHSA-PXHW-596R-RWQ5 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-driver-hostpath, kubernetes-dns-node-cache, aws-efs-csi-driver, ip-masq-agent, nodetaint, spark-operator, kubeflow-pipelines, kubernetes, local-static-provisioner, argocd-image-updater...

CVE-2024-3177 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-driver-hostpath, kubernetes-dns-node-cache, aws-efs-csi-driver, ip-masq-agent, nodetaint, spark-operator, kubeflow-pipelines, kubernetes, local-static-provisioner, argocd-image-updater...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: rabbitmq-messaging-topology-operator, guac, skopeo, sops, bank-vaults, nodetaint, kustomize, temporal, crossplane-provider-aws-rds, dex, node-problem-detector, kube-bench, sonobuoy, eksctl, flannel, frp, capslock, step, cri-tools, policy-controller, cadvisor,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: nri-couchbase, mockery, nri-apache, nodetaint, kustomize, nri-mssql, hello-world-golang, temporal, bom, pombump, dex, node-problem-detector, kube-bench, sonobuoy, eksctl, wireguard-go, capslock, cri-tools, govulncheck, cadvisor, grafana-operator, caddy,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: aws-flb-kinesis-fips, zarf, prometheus-beat-exporter-fips, wavefront-collector-for-kubernetes, prometheus-pushgateway-fips, crossplane-provider-aws-cloudwatchlogs, terraform-provider-aws, helm, litefs, kubeadm-controlplane-controller, trivy, kube-state-metrics,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: bank-vaults-fips, tigera-operator, docker-cli, smarter-device-manager, falco, aws-flb-kinesis, aws-flb-firehose, k3d, sops, render-template, ctop, prometheus-beat-exporter-fips, go-md2man, smarter-device-manager-fips, sonobuoy, cass-operator, fulcio-fips,...