28 matches found
CVE-2026-15584
The CVE-2026-15584 issue concerns the incluster-checks tool in OpenShift. It describes a privilege-escalation flaw where the tool creates privileged debug pods with host filesystem access in the shared default namespace. Any user possessing the standard edit role can execute into these pods and o...
CVE-2026-15584
A privilege escalation vulnerability was found in the incluster-checks tool for OpenShift. The tool creates privileged debug pods with host filesystem access in the shared default namespace, where any user with the standard edit role can exec into them and obtain root access on cluster nodes...
PT-2026-57811
Name of the Vulnerable Software and Affected Versions OpenShift affected versions not specified Description A privilege escalation issue exists in the incluster-checks tool. This tool creates privileged debug pods that grant access to the host filesystem within the shared default namespace...
SailPoint IdentityIQ 安全漏洞
SailPoint IdentityIQ is a security software developed by SailPoint Corporation. It provides credit monitoring, identity protection, and antivirus features. SailPoint IdentityIQ has a security vulnerability that stems from allowing authenticated identity roles to edit role definitions without havi...
CVE-2026-7309
A flaw was found in the OpenShift Container Platform build system. A user with the edit ClusterRole can inject arbitrary environment variables, such as LDPRELOAD or httpproxy, into docker-build containers through the buildconfigs/instantiate API. This incomplete fix for a previous vulnerability...
EUVD-2026-26043
A flaw was found in the OpenShift Container Platform build system. A user with the edit ClusterRole can inject arbitrary environment variables, such as LDPRELOAD or httpproxy, into docker-build containers through the buildconfigs/instantiate API. This incomplete fix for a previous vulnerability...
CVE-2026-7309 Openshift-controller-manager: openshift container platform: information disclosure via environment variable injection
A flaw was found in the OpenShift Container Platform build system. A user with the edit ClusterRole can inject arbitrary environment variables, such as LDPRELOAD or httpproxy, into docker-build containers through the buildconfigs/instantiate API. This incomplete fix for a previous vulnerability...
CVE-2026-7309
A flaw was found in the OpenShift Container Platform build system. A user with the edit ClusterRole can inject arbitrary environment variables, such as LDPRELOAD or httpproxy, into docker-build containers through the buildconfigs/instantiate API. This incomplete fix for a previous vulnerability...
CVE-2026-7309
OpenShift Container Platform build system vulnerability CVE-2026-7309 allows a user with the edit clusterrole to inject arbitrary environment variables (e.g., LD_PRELOAD, http_proxy) into docker-build containers via buildconfigs/instantiate, exposing confidentiality of build traffic. The issue is...
CVE-2026-7309
A flaw was found in the OpenShift Container Platform build system. A user with the edit ClusterRole can inject arbitrary environment variables, such as LDPRELOAD or httpproxy, into docker-build containers through the buildconfigs/instantiate API. This incomplete fix for a previous vulnerability...
Description of the security update for SharePoint Server Subscription Edition: November 11, 2025 (KB5002800)
None None...
EUVD-2021-11312
Malware in sbrugna...
EUVD-2025-29116
Malicious code in bioql PyPI...
CVE-2025-10396
A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/editrole.php. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The explo...
CVE-2025-10396
A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/editrole.php. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The explo...
CVE-2025-10396
A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/editrole.php. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The explo...
CVE-2025-10396 SourceCodester Pet Grooming Management Software edit_role.php sql injection
A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/editrole.php. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The explo...
CVE-2025-10396 SourceCodester Pet Grooming Management Software edit_role.php sql injection
A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/editrole.php. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The explo...
CVE-2025-10396
CVE-2025-10396 affects SourceCodester Pet Grooming Management Software 1.0. The vulnerability is a SQL injection in the /admin/edit_role.php endpoint triggered by manipulating the ID parameter, reported as exploitable remotely. Public disclosures indicate an active attack surface. Attacker-contro...
SourceCodester Pet Grooming Management Software SQL注入漏洞
SourceCodester Pet Grooming Management Software is a SourceCodester open source pet grooming management system. SourceCodester Pet Grooming Management Software version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter ID in the file...