1126 matches found
Prometheus Blackbox Exporter - Server-Side Request Forgery (SSRF)
Prometheus Blackbox Exporter through 0.17.0 contains a server-side request forgery caused by unsanitized target parameter in /probe, letting attackers perform SSRF attacks, exploit requires sending crafted target parameter. id: CVE-2020-16248 info: name: Prometheus Blackbox Exporter - Server-Side...
GHSA-FF52-PH69-CF7X vulnerabilities
Vulnerabilities for packages: vexctl, hubble, gitness, vertical-pod-autoscaler, witness, helm-mapkubeapis, cloud-provider-gcp-cloud-controller-manager, azure-workload-identity-webhook, gcsfuse, sealed-secrets, prometheus, docker-machine-driver-linode, malcontent, kube-metrics-adapter,...
[SECURITY] Fedora 43 Update: prometheus-podman-exporter-1.21.2-1.fc43
Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...
[SECURITY] Fedora 44 Update: prometheus-podman-exporter-1.21.2-1.fc44
Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...
CVE-2026-14604 Open Asset Import Library Assimp PLY Model PlyLoader.cpp ExportToBlob double free
A vulnerability was determined in Open Asset Import Library Assimp up to 6.0.4. Affected is the function Assimp::Exporter::ExportToBlob of the file code/AssetLib/Ply/PlyLoader.cpp of the component PLY Model Handler. This manipulation causes double free. The attack can be initiated remotely. The...
CVE-2026-14604
Technical details about CVE-2026-14604 are not publicly available in the provided documents. Monitor for updates from official sources.
CVE-2026-14604 Open Asset Import Library Assimp PLY Model PlyLoader.cpp ExportToBlob double free
A vulnerability was determined in Open Asset Import Library Assimp up to 6.0.4. Affected is the function Assimp::Exporter::ExportToBlob of the file code/AssetLib/Ply/PlyLoader.cpp of the component PLY Model Handler. This manipulation causes double free. The attack can be initiated remotely. The...
GHSA-VH4V-2XQ2-G5CG vulnerabilities
Vulnerabilities for packages: ratify, kube-arangodb-fips, consul-k8s, gatekeeper, kubescape-operator, drone, crossplane-fips, tigera-operator-fips, headlamp, kargo, xeol-fips, kubescape-operator-fips, opentofu-fips, argo-cd, cluster-api-helm-controller, redpanda-operator, kubescape, falcoctl-fips...
CVE-2026-50162 vulnerabilities
Vulnerabilities for packages: ratify, kube-arangodb-fips, consul-k8s, gatekeeper, kubescape-operator, drone, crossplane-fips, tigera-operator-fips, headlamp, kargo, xeol-fips, kubescape-operator-fips, opentofu-fips, argo-cd, cluster-api-helm-controller, redpanda-operator, kubescape, falcoctl-fips...
CVE-2026-48978 vulnerabilities
Vulnerabilities for packages: ratify, kube-arangodb-fips, consul-k8s, gatekeeper, kubescape-operator, drone, crossplane-fips, tigera-operator-fips, headlamp, kargo, xeol-fips, kubescape-operator-fips, opentofu-fips, argo-cd, cluster-api-helm-controller, redpanda-operator, kubescape, falcoctl-fips...
GHSA-XF85-363P-868W vulnerabilities
Vulnerabilities for packages: ratify, kube-arangodb-fips, consul-k8s, gatekeeper, kubescape-operator, drone, crossplane-fips, tigera-operator-fips, headlamp, kargo, xeol-fips, kubescape-operator-fips, opentofu-fips, argo-cd, cluster-api-helm-controller, redpanda-operator, kubescape, falcoctl-fips...
GHSA-8XWF-RJM4-XVHV vulnerabilities
Vulnerabilities for packages: ratify, kube-arangodb-fips, consul-k8s, gatekeeper, kubescape-operator, drone, crossplane-fips, tigera-operator-fips, headlamp, kargo, xeol-fips, kubescape-operator-fips, opentofu-fips, argo-cd, cluster-api-helm-controller, redpanda-operator, kubescape, falcoctl-fips...
GHSA-JXPM-75MH-9FP7 vulnerabilities
Vulnerabilities for packages: ratify, kube-arangodb-fips, consul-k8s, gatekeeper, kubescape-operator, drone, crossplane-fips, tigera-operator-fips, headlamp, kargo, xeol-fips, kubescape-operator-fips, opentofu-fips, argo-cd, cluster-api-helm-controller, redpanda-operator, kubescape, falcoctl-fips...
[SECURITY] Fedora 43 Update: prometheus-podman-exporter-1.21.1-1.fc43
Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...
[SECURITY] Fedora 44 Update: prometheus-podman-exporter-1.21.1-1.fc44
Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...
Fedora 44 : prometheus-podman-exporter (2026-3c6643b33a)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3c6643b33a advisory. release 1.21.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
Fedora 43 : prometheus-podman-exporter (2026-460749ef95)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-460749ef95 advisory. release 1.21.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-chime, crossplane-provider-aws-emrserverless, crossplane-provider-aws-kinesis, crossplane-provider-aws-sagemaker, gitlab-pages, crossplane-provider-aws-kafka-fips, drone, sops, vault-benchmark, crossplane-provider-azure-purview,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: terraform-provider-tls, commercial-grafana, omnictl-multiarch-fips, kube-arangodb-fips, go-discover, apko, crossplane-provider-azure-operationalinsights, crossplane-provider-azure-orbital, gatekeeper-fips, docker, tekton-pipelines-fips,...
GHSA-Q4H4-GMJ2-QVW2 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-chime, crossplane-provider-aws-emrserverless, crossplane-provider-aws-kinesis, crossplane-provider-aws-sagemaker, gitlab-pages, crossplane-provider-aws-kafka-fips, drone, sops, vault-benchmark, crossplane-provider-azure-purview,...