Lucene search
+L

28 matches found

CVE
CVE
added 5 days ago14 views

CVE-2026-15584

The CVE-2026-15584 issue concerns the incluster-checks tool in OpenShift. It describes a privilege-escalation flaw where the tool creates privileged debug pods with host filesystem access in the shared default namespace. Any user possessing the standard edit role can execute into these pods and o...

7.5CVSS6AI score0.00246EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 5 days ago7 views

CVE-2026-15584

A privilege escalation vulnerability was found in the incluster-checks tool for OpenShift. The tool creates privileged debug pods with host filesystem access in the shared default namespace, where any user with the standard edit role can exec into them and obtain root access on cluster nodes...

7.5CVSS6AI score0.00246EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 5 days ago9 views

PT-2026-57811

Name of the Vulnerable Software and Affected Versions OpenShift affected versions not specified Description A privilege escalation issue exists in the incluster-checks tool. This tool creates privileged debug pods that grant access to the host filesystem within the shared default namespace...

7.5CVSS6.2AI score0.00246EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/04/29 12:0 a.m.8 views

SailPoint IdentityIQ 安全漏洞

SailPoint IdentityIQ is a security software developed by SailPoint Corporation. It provides credit monitoring, identity protection, and antivirus features. SailPoint IdentityIQ has a security vulnerability that stems from allowing authenticated identity roles to edit role definitions without havi...

8.8CVSS5.8AI score0.00163EPSS
Exploits0References1
NVD
NVD
added 2026/04/28 1:19 p.m.6 views

CVE-2026-7309

A flaw was found in the OpenShift Container Platform build system. A user with the edit ClusterRole can inject arbitrary environment variables, such as LDPRELOAD or httpproxy, into docker-build containers through the buildconfigs/instantiate API. This incomplete fix for a previous vulnerability...

4.3CVSS0.00179EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/28 12:33 p.m.7 views

EUVD-2026-26043

A flaw was found in the OpenShift Container Platform build system. A user with the edit ClusterRole can inject arbitrary environment variables, such as LDPRELOAD or httpproxy, into docker-build containers through the buildconfigs/instantiate API. This incomplete fix for a previous vulnerability...

4.3CVSS5.5AI score0.00179EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/28 12:33 p.m.5 views

CVE-2026-7309 Openshift-controller-manager: openshift container platform: information disclosure via environment variable injection

A flaw was found in the OpenShift Container Platform build system. A user with the edit ClusterRole can inject arbitrary environment variables, such as LDPRELOAD or httpproxy, into docker-build containers through the buildconfigs/instantiate API. This incomplete fix for a previous vulnerability...

4.3CVSS5.5AI score0.00179EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/28 12:33 p.m.7 views

CVE-2026-7309

A flaw was found in the OpenShift Container Platform build system. A user with the edit ClusterRole can inject arbitrary environment variables, such as LDPRELOAD or httpproxy, into docker-build containers through the buildconfigs/instantiate API. This incomplete fix for a previous vulnerability...

4.3CVSS5.5AI score0.00179EPSS
Exploits0References3
CVE
CVE
added 2026/04/28 12:33 p.m.22 views

CVE-2026-7309

OpenShift Container Platform build system vulnerability CVE-2026-7309 allows a user with the edit clusterrole to inject arbitrary environment variables (e.g., LD_PRELOAD, http_proxy) into docker-build containers via buildconfigs/instantiate, exposing confidentiality of build traffic. The issue is...

4.3CVSS5.5AI score0.00179EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/28 12:33 p.m.6 views

CVE-2026-7309

A flaw was found in the OpenShift Container Platform build system. A user with the edit ClusterRole can inject arbitrary environment variables, such as LDPRELOAD or httpproxy, into docker-build containers through the buildconfigs/instantiate API. This incomplete fix for a previous vulnerability...

4.3CVSS5.2AI score0.00179EPSS
Exploits0References3
Microsoft KB
Microsoft KB
added 2025/11/11 8:0 a.m.17 views

Description of the security update for SharePoint Server Subscription Edition: November 11, 2025 (KB5002800)

None None...

8CVSS7AI score0.02014EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-11312

Malware in sbrugna...

7.2CVSS6.9AI score0.01516EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-29116

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00435EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/09/16 9:15 a.m.19 views

CVE-2025-10396

A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/editrole.php. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The explo...

9.8CVSS7.3AI score0.00435EPSS
Exploits1References1
OSV
OSV
added 2025/09/14 9:15 a.m.4 views

CVE-2025-10396

A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/editrole.php. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The explo...

9.8CVSS5.8AI score0.00435EPSS
Exploits1References5
NVD
NVD
added 2025/09/14 9:15 a.m.6 views

CVE-2025-10396

A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/editrole.php. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The explo...

9.8CVSS0.00435EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/09/14 8:32 a.m.13 views

CVE-2025-10396 SourceCodester Pet Grooming Management Software edit_role.php sql injection

A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/editrole.php. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The explo...

7.5CVSS0.00435EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/09/14 8:32 a.m.2 views

CVE-2025-10396 SourceCodester Pet Grooming Management Software edit_role.php sql injection

A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/editrole.php. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The explo...

7.5CVSS7.3AI score0.00435EPSS
Exploits1References5
CVE
CVE
added 2025/09/14 8:32 a.m.25 views

CVE-2025-10396

CVE-2025-10396 affects SourceCodester Pet Grooming Management Software 1.0. The vulnerability is a SQL injection in the /admin/edit_role.php endpoint triggered by manipulating the ID parameter, reported as exploitable remotely. Public disclosures indicate an active attack surface. Attacker-contro...

9.8CVSS6.8AI score0.00435EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2025/09/14 12:0 a.m.4 views

SourceCodester Pet Grooming Management Software SQL注入漏洞

SourceCodester Pet Grooming Management Software is a SourceCodester open source pet grooming management system. SourceCodester Pet Grooming Management Software version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter ID in the file...

9.8CVSS7.7AI score0.00435EPSS
Exploits1References6
Rows per page
Query Builder