CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

136 matches found

IBM Security Bulletins•added 2026/05/27 6:40 a.m.•10 views

Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image

Summary Multiple vulnerabilities were addressed in IBM Observability with Instana within Instana Agent container image build 1.0.319 Vulnerability Details CVEID:CVE-2026-33871 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and...

9.8CVSS7.5AI score0.00236EPSS

Exploits4Affected Software1

NVD•added 2026/05/26 10:16 p.m.•9 views

CVE-2026-44213

The OpenTelemetry.Exporter.Instana exports telemetry to Instana backend. Prior to 1.1.0, the OpenTelemetry.Exporter.Instana NuGet package does not validate HTTPS/TLS certificates are valid when sending telemetry to a configured Instana back-end when a proxy is configured using the...

6.5CVSS0.00007EPSS

Exploits0References1

CVE•added 2026/05/26 9:34 p.m.•10 views

CVE-2026-44213

The CVE affects the OpenTelemetry.Exporter.Instana NuGet package. Before version 1.1.0, when INSTANA_ENDPOINT_PROXY is set, the Transport.ConfigureBackendClient() code creates an HttpClient that disables TLS certificate validation, allowing a network attacker to perform a MitM on the proxy and re...

6.5CVSS5.8AI score0.00007EPSS

Exploits0References1

ATTACKERKB•added 2026/05/26 9:34 p.m.•5 views

CVE-2026-44213

6.5CVSS5.8AI score0.00007EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/05/26 9:34 p.m.•7 views

CVE-2026-44213 OpenTelemetry.Exporter.Instana bypasses TLS certificate validation when a proxy is configured

6.5CVSS5.8AI score0.00007EPSS

Exploits0References1

Cvelist•added 2026/05/26 9:34 p.m.•26 views

CVE-2026-44213 OpenTelemetry.Exporter.Instana bypasses TLS certificate validation when a proxy is configured

6.5CVSS0.00007EPSS

Exploits0References1

EUVD•added 2026/05/26 9:34 p.m.•7 views

EUVD-2026-32014

6.5CVSS5.8AI score0.00007EPSS

Exploits0References1

IBM Security Bulletins•added 2026/05/26 6:3 a.m.•14 views

Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image

Summary Multiple vulnerabilities were addressed in IBM Observability with Instana within Instana Agent container image build 1.0.318 Vulnerability Details CVEID:CVE-2020-25576 DESCRIPTION: An issue was discovered in the randcore crate before 0.4.2 for Rust. Casting of byte slices to integer slice...

9.8CVSS7.2AI score0.00544EPSS

Exploits1Affected Software1

CNNVD•added 2026/05/26 12:0 a.m.•4 views

OpenTelemetry Collector Contrib 信任管理问题漏洞

OpenTelemetry Collector Contrib is an extensible telemetry data collection component library developed by OpenTelemetry - CNCF. Versions of OpenTelemetry Collector Contrib prior to 1.1.0 contained a trust management vulnerability. This vulnerability stemmed from the lack of validation of HTTPS/TL...

6.5CVSS5.8AI score0.00007EPSS

Exploits0References1

OSV•added 2026/05/08 8:48 p.m.•1 views

GHSA-WFR5-454P-MJC2 OpenTelemetry.Exporter.Instana bypasses TLS certificate validation when a proxy is configured

Summary The OpenTelemetry.Exporter.Instana NuGet package does not validate HTTPS/TLS certificates are valid when sending telemetry to a configured Instana back-end when a proxy is configured using the INSTANAENDPOINTPROXY environment variable. If a network attacker can Man-in-the-Middle MitM the...

6.5CVSS5.8AI score0.00007EPSS

Exploits0References2

Snyk•added 2026/05/08 8:48 p.m.•4 views

Improper Certificate Validation

Overview OpenTelemetry.Exporter.Instana is an Instana Exporter for OpenTelemetry .NET Affected versions of this package are vulnerable to Improper Certificate Validation in the ConfigureBackendClient process when a proxy is configured using the INSTANAENDPOINTPROXY environment variable. An attack...

9.1CVSS5.8AI score0.00007EPSS

Exploits0References2

Github Security Blog•added 2026/05/08 8:48 p.m.•5 views

OpenTelemetry.Exporter.Instana bypasses TLS certificate validation when a proxy is configured

6.5CVSS5.8AI score0.00007EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2026/05/08 12:0 a.m.•6 views

PT-2026-39240

Name of the Vulnerable Software and Affected Versions OpenTelemetry.Exporter.Instana affected versions not specified Description The OpenTelemetry.Exporter.Instana NuGet package fails to validate HTTPS/TLS certificates when sending telemetry to an Instana back-end if a proxy is configured via the...

6.5CVSS5.8AI score0.00007EPSS

Exploits0References7

IBM Security Bulletins•added 2026/05/04 7:40 a.m.•10 views

Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image

Summary Multiple vulnerabilities were addressed in IBM Observability with Instana within Instana Agent container image build 1.0.317 Vulnerability Details CVEID:CVE-2026-22184 DESCRIPTION: zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located unde...

9.8CVSS8AI score0.00533EPSS

Exploits4Affected Software1

IBM Security Bulletins•added 2026/04/06 10:0 a.m.•6 views

Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image

Summary Multiple vulnerabilities were addressed in IBM Observability with Instana within Instana Agent container image build 1.0.315 Vulnerability Details CVEID:CVE-2026-23949 DESCRIPTION: jaraco.context, an open-source software package that provides some useful decorators and context managers, h...

8.6CVSS6.2AI score0.00101EPSS

Exploits3Affected Software1

IBM Security Bulletins•added 2026/03/17 11:17 a.m.•8 views

Security Bulletin: Multiple vulnerabilities in IBM Observability with Instana (OnPrem)

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana OnPrem build 1.0.313 Vulnerability Details CVEID:CVE-2025-49177 DESCRIPTION: A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a clie...

8.2CVSS6.8AI score0.00977EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/03/10 12:40 p.m.•12 views

Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 1.0.314 Vulnerability Details CVEID:CVE-2025-61727 DESCRIPTION: An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the...

10CVSS6.7AI score0.02889EPSS

Exploits8Affected Software1

IBM Security Bulletins•added 2026/03/10 7:52 a.m.•14 views

Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 1.0.311 Vulnerability Details CVEID:CVE-2025-61725 DESCRIPTION: The ParseAddress function constructs domain-literal address components through repeated string concatenatio...

7.8CVSS6.2AI score0.00102EPSS

Exploits2Affected Software1

IBM Security Bulletins•added 2026/03/03 1:53 p.m.•8 views

Security Bulletin: IBM Instana Observability has addressed Multiple Vulnerabilities within Instana Agent container image

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 1.0.313 Vulnerability Details CVEID:CVE-2025-5318 DESCRIPTION: A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered ...

8.1CVSS6AI score0.00178EPSS

Exploits6Affected Software1

IBM Security Bulletins•added 2026/01/29 1:44 p.m.•11 views

Security Bulletin: Multiple vulnerabilities in IBM Observability with Instana (OnPrem)

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana OnPrem build 1.0.311 Vulnerability Details CVEID:CVE-2025-4878 DESCRIPTION: A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekeyfromfile function...

8.6CVSS7AI score0.00208EPSS

Exploits2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by