Lucene search
K

587 matches found

Nuclei
Nuclei
added 2 days ago111 views

Harbor <=1.82.0 - Privilege Escalation

Harbor 1.7.0 through 1.8.2 is susceptible to privilege escalation via core/api/user.go, which allows allows non-admin users to create admin accounts via the POST /api/users API when Harbor is setup with DB as an authentication backend and allows user to do self-registration. id: CVE-2019-16097...

6.5CVSS6.5AI score0.23284EPSS
Exploits5References5
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.7 views

GHSA-5CGQ-3RG8-M6CV vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce-fips, mattermost-fips, loki, guac, omnictl-multiarch-fips, zitadel, argocd-image-updater, harbor-fips, kubernetes, flux, nemo, k3s, omnictl-multiarch, kyverno-fips, mattermost, prometheus, argo-workflows, knative-kafka-broker-fips, vitess, harbor,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.4 views

GHSA-X527-X647-Q7GG vulnerabilities

Vulnerabilities for packages: calico-fips, chisel-fips, tekton-pipelines-fips, knative-eventing-fips, rancher-agent, zitadel, kubescape-server-fips, trivy-fips, kubernetes, drone-fips, nemo, k3s, kubescape-server, frankenphp-8.5, osv-scanner, prometheus, gitlab-workhorse-ce-fips, argo-workflows,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.7 views

GHSA-W879-237Q-WC7R vulnerabilities

Vulnerabilities for packages: calico-fips, chisel-fips, grype-db, tekton-pipelines-fips, knative-eventing-fips, ko-fips, rancher-agent, kubescape-server-fips, zitadel, crossplane-provider-azure-managedidentity, teleport, flux-notification-controller-fips, kubernetes, drone-fips,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.5 views

GHSA-F5WC-C3C7-36MC vulnerabilities

Vulnerabilities for packages: calico-fips, grype-db, tekton-pipelines-fips, knative-eventing-fips, rancher-agent, zitadel, kubescape-server-fips, trivy-fips, kubernetes, gomplate, nemo, k3s, kubescape-server, frankenphp-8.5, osv-scanner, prometheus, gitlab-workhorse-ce-fips, argo-workflows,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.5 views

GHSA-VGWF-H737-FF37 vulnerabilities

Vulnerabilities for packages: calico-fips, chisel-fips, grype-db, tekton-pipelines-fips, knative-eventing-fips, rancher-agent, zitadel, kubescape-server-fips, trivy-fips, kubernetes, drone-fips, clickhouse-backup-fips, gomplate, k3s, nemo, kubescape-server, frankenphp-8.5, gatus-fips, osv-scanner...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.6 views

GHSA-JPPX-RXG9-JMRX vulnerabilities

Vulnerabilities for packages: calico-fips, tekton-pipelines-fips, knative-eventing-fips, rancher-agent, zitadel, kubernetes, nemo, k3s, frankenphp-8.5, prometheus, gitlab-workhorse-ce-fips, argo-workflows, knative-kafka-broker-fips, vitess, gitlab-rails-ce, backup-restore-operator, telegraf,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.7 views

GHSA-45GG-VH54-H5M9 vulnerabilities

Vulnerabilities for packages: calico-fips, chisel-fips, tekton-pipelines-fips, knative-eventing-fips, rancher-agent, zitadel, kubescape-server-fips, trivy-fips, kubernetes, drone-fips, nemo, k3s, kubescape-server, frankenphp-8.5, osv-scanner, prometheus, gitlab-workhorse-ce-fips, argo-workflows,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.7 views

GHSA-89GR-R52H-F8RX vulnerabilities

Vulnerabilities for packages: calico-fips, chisel-fips, grype-db, tekton-pipelines-fips, knative-eventing-fips, ko-fips, rancher-agent, kubescape-server-fips, zitadel, crossplane-provider-azure-managedidentity, teleport, flux-notification-controller-fips, kubernetes, drone-fips,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.4 views

GHSA-9M57-25V3-79X9 vulnerabilities

Vulnerabilities for packages: calico-fips, tekton-pipelines-fips, knative-eventing-fips, rancher-agent, zitadel, kubernetes, nemo, k3s, frankenphp-8.5, prometheus, gitlab-workhorse-ce-fips, argo-workflows, knative-kafka-broker-fips, vitess, gitlab-rails-ce, backup-restore-operator, telegraf,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/04/24 7:48 p.m.11 views

CVE-2026-32952 vulnerabilities

Vulnerabilities for packages: gitlab-runner, cert-manager, rclone, kyverno-notation-aws, trufflehog, yunikorn-k8shim, cert-manager-csi-driver, external-secrets-operator, k6, seaweedfs, gitea, nuclei, sftpgo-plugin-auth, flux, teleport, cert-manager-cmctl, minio, spqr, rancher-agent, frp, bento,...

7.5CVSS6.1AI score0.01027EPSS
Exploits0
Wolfi
Wolfi
added 2026/04/24 7:48 p.m.14 views

GHSA-PJCQ-XVWQ-HHPJ vulnerabilities

Vulnerabilities for packages: gitlab-runner, cert-manager, rclone, kyverno-notation-aws, trufflehog, yunikorn-k8shim, cert-manager-csi-driver, external-secrets-operator, k6, seaweedfs, gitea, nuclei, sftpgo-plugin-auth, flux, teleport, cert-manager-cmctl, minio, spqr, rancher-agent, frp, bento,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/04/24 7:17 p.m.8 views

CVE-2026-32952 vulnerabilities

Vulnerabilities for packages: percona-server-mongodb-operator-fips, rancher-agent, zitadel, teleport, syncthing-fips, grafana, cert-manager-istio-csr, external-secrets-operator, cert-manager-fips, elastic-agent, yunikorn-k8shim, telegraf, dex, flux-source-controller-fips, ratify-fips,...

7.5CVSS6.1AI score0.01027EPSS
Exploits0
Chainguard
Chainguard
added 2026/04/24 7:17 p.m.10 views

GHSA-PJCQ-XVWQ-HHPJ vulnerabilities

Vulnerabilities for packages: percona-server-mongodb-operator-fips, rancher-agent, zitadel, teleport, syncthing-fips, grafana, cert-manager-istio-csr, external-secrets-operator, cert-manager-fips, elastic-agent, yunikorn-k8shim, telegraf, dex, flux-source-controller-fips, ratify-fips,...

6.1AI score
Exploits0
OSV
OSV
added 2026/04/16 12:55 a.m.12 views

CLEANSTART-2026-DR81473 HashiCorp’s go-getter library up to v1

Multiple security vulnerabilities affect the harbor-scanner-trivy-fips package. HashiCorp’s go-getter library up to v1. See references for individual vulnerability details...

9.8CVSS5.7AI score0.00694EPSS
Exploits2References24
OSV
OSV
added 2026/04/02 6:42 p.m.3 views

GO-2026-4876 Harbor: LDAP password and OIDC secret are not redacted in the audit log in github.com/goharbor/harbor

Harbor: LDAP password and OIDC secret are not redacted in the audit log in github.com/goharbor/harbor...

5.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.7 views

PT-2026-29931

Harbor: LDAP password and OIDC secret are not redacted in the audit log in github.com/goharbor/harbor...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/04/01 9:50 a.m.5 views

CLEANSTART-2026-FB05615 Security fixes for CVE-2025-15558, CVE-2025-53547, CVE-2025-55198, CVE-2025-55199, CVE-2026-27141, ghsa-557j-xg8c-q2mm, ghsa-9h84-qmv7-982p, ghsa-f6x5-jh6r-wrfv, ghsa-f9f8-9pmf-xv68, ghsa-j5w8-q4qc-rx2x, ghsa-p436-gjf2-799p applied in versions: 2.13.4-r0, 2.13.4-r1, 2.13.4-r2

Multiple security vulnerabilities affect the harbor package. These issues are resolved in later releases. See references for individual vulnerability details...

8.6CVSS6.8AI score0.00501EPSS
Exploits1References17
OSV
OSV
added 2026/04/01 9:37 a.m.7 views

CLEANSTART-2026-LB23787 Security fixes for CVE-2021-3538, CVE-2025-15558, CVE-2025-29923, CVE-2025-53547, CVE-2025-55198, CVE-2025-55199, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27141, CVE-2026-27142, CVE-2026-33186, ghsa-557j-xg8c-q2mm, ghsa-9h84-qmv7-982p, ghsa-f6x5-jh6r-wrfv, ghsa-f9f8-9pmf-xv68, ghsa-j5w8-q4qc-rx2x, ghsa-p436-gjf2-799p applied in versions: 2.13.4-r0, 2.13.4-r1, 2.13.4-r2, 2.13.5-r0, 2.13.5-r1

Multiple security vulnerabilities affect the harbor package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS6.8AI score0.02307EPSS
Exploits3References33
OSV
OSV
added 2026/04/01 9:37 a.m.3 views

CLEANSTART-2026-PE63912 Security fixes for CVE-2021-3538, CVE-2025-29923, CVE-2025-53547, CVE-2025-55198, CVE-2025-55199, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27141, CVE-2026-27142, CVE-2026-33186, ghsa-557j-xg8c-q2mm, ghsa-9h84-qmv7-982p, ghsa-f6x5-jh6r-wrfv, ghsa-f9f8-9pmf-xv68, ghsa-j5w8-q4qc-rx2x applied in versions: 2.14.2-r0, 2.14.2-r1, 2.15.0-r0, 2.15.0-r1

Multiple security vulnerabilities affect the harbor package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS6.9AI score0.02307EPSS
Exploits3References30
Rows per page
Query Builder