134 matches found
CVE-2025-13281 Portworx Half-Blind SSRF in kube-controller-manager
A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network including link-local ...
CVE-2025-13281 Portworx Half-Blind SSRF in kube-controller-manager
A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network including link-local ...
CVE-2025-13281 Portworx Half-Blind SSRF in kube-controller-manager
A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network including link-local ...
Portworx Half-Blind SSRF in kube-controller-manager
CVSS Rating: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N - Medium 5.8 A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This was patched for other in-tree StorageClasses GlusterFS, Quobyte, StorageOS, and...
EUVD-2019-4774
Malware in sbrugna...
EUVD-2019-4770
Malware in sbrugna...
EUVD-2019-4776
Malware in sbrugna...
GHSA-G4JQ-H2W9-997C Vite middleware may serve files starting with the same name with the public directory
Summary Files starting with the same name with the public directory were served bypassing the server.fs settings. Impact Only apps that match the following conditions are affected: - explicitly exposes the Vite dev server to the network using --host or server.host config option - uses the public...
RDMA/hns: Fix soft lockup under heavy CEQE load
...
SUSE CVE-2024-0137
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host's network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successfu...
CVE-2024-0137
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host’s network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successfu...
CVE-2024-0137
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host’s network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successfu...
NVIDIA Container Toolkit 安全漏洞
NVIDIA Container Toolkit is a container toolkit from NVIDIA, Inc. Allows users to build and run GPU-accelerated containers. NVIDIA Container Toolkit has a security vulnerability that stems from the inclusion of an incorrect isolation vulnerability, where a specially crafted container image could...
kernel: Information disclosure in vhost/vhost.c:vhost_new_msg()
A vulnerability was found in vhostnewmsg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This issue can allow local privileged users to read...
CIRCUTOR Q-SMT 安全漏洞
CIRCUTOR Q-SMT is an industrial hardware device from CIRCUTOR, Inc. A security vulnerability exists in CIRCUTOR Q-SMT version 1.0.4, which stems from the implementation of the HTTP protocol only, and allows an attacker to access the host network and obtain legitimate credentials or steal sessions...
GO-2022-0784 containerd-shim API Exposed to Host Network Containers in github.com/containerd/containerd
containerd-shim API Exposed to Host Network Containers in github.com/containerd/containerd...
SUSE CVE-2020-15257
containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the shim's API socket verified that the connecting...
PT-2023-21235 · Cilium · Cilium
Name of the Vulnerable Software and Affected Versions: Cilium version 1.13.0 Description: Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When Cilium is started, there is a short period when Cilium eBPF programs are not attached to the host. During this...
SUSE CVE-2019-14891
A flaw was found in cri-o, as a result of all pod-related processes being placed in the same memory cgroup. This can result in container management conmon processes being killed if a workload process triggers an out-of-memory OOM condition for the cgroup. An attacker could abuse this flaw to get...
SUSE CVE-2022-0532
An incorrect sysctls validation vulnerability was found in CRI-O 1.18 and earlier. The sysctls from the list of "safe" sysctls specified for the cluster will be applied to the host if an attacker is able to create a pod with a hostIPC and hostNetwork kernel namespace...