12 matches found
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce, cloudbeat, reports-server, trivy-operator-fips, nemo, kyverno-fips, argo-cd-fips, frankenphp-8.5, commercial-grafana, coder, cilium-cli, terraform, gitea-fips, minio-fips, harbor, drone, k9s, knative-serving-fips, kubescape-server-fips, chisel-fips,...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: chisel, mattermost, skaffold, cert-manager, external-dns, k3s, snyk-cli, fscrypt, zot, argo-cd, kine, osv-scanner, containerd, kubernetes-dashboard, argocd-image-updater, kyverno, kubescape, helm, aactl, knative-serving, trivy, minio, trivy-operator,...
GHSA-JPPX-RXG9-JMRX vulnerabilities
Vulnerabilities for packages: mattermost, cert-manager, external-dns, k3s, snyk-cli, fscrypt, zot, argo-cd, docker-cli-buildx, kine, containerd, kubernetes-dashboard, kyverno, helm, aactl, knative-serving, minio, buildah, spire-server, prometheus, teleport, nerdctl, cilium, podman,...
CVE-2026-32282 vulnerabilities
Vulnerabilities for packages: go, knative-operator, keda, falco-no-driver, mattermost, newrelic-fluent-bit-output, cert-manager, knative-eventing, dask-gateway, fuse-overlayfs-snapshotter, ingress-nginx-controller, external-dns, k3s, kube-arangodb, fscrypt, k8s-device-plugin, snyk-cli, argo-cd,...
MAL-2025-10162 Malicious code in @zalastax/nolb-_kaf (npm)
The package @zalastax/nolb-kaf was found to contain malicious code...
Malicious code in @zalastax/nolb-_kaf (npm)
The package @zalastax/nolb-kaf was found to contain malicious code...
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: tkn, prometheus-alertmanager, crossplane-provider-aws, protoc-gen-go-grpc, pgpool2exporter, actions-runner-controller, eksctl, kaniko, grype, kubernetes-dashboard, weaviate, pulumi, falcoctl, amass, secrets-store-csi-driver, crossplane-provider-azure,...
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: oauth2-proxy, crossplane-provider-gcp, policy-controller, datadog-agent-fips, caddy-fips, k9s, kuberay-operator, falcoctl-fips, prometheus-beat-exporter-fips, step-ca, k3d, minio, node-problem-detector, kube-state-metrics, secrets-store-csi-driver-provider-azure,...
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: prometheus-elasticsearch-exporter-fips, oauth2-proxy, chartmuseum, thanos-operator, prometheus-postgres-exporter, k8sgpt-operator, kpt, trust-manager, aws-efs-csi-driver-fips, terraform, bank-vaults-fips, memcached-exporter, aws-efs-csi-driver, nats,...
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: gke-gcloud-auth-plugin, grype, bom, weaviate, pulumi, amass, secrets-store-csi-driver, newrelic-infrastructure-agent, flux-source-controller, gobuster, spark-operator, coredns, ip-masq-agent, src, cortex, rqlite, haproxy-ingress, skaffold, terraform-provider-azurerm,...
phpsource.traverse.txt
--SLDf9lqlvOQaIe6s Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable =3D=3D Vendor: Kaf Oseo =3D=3D Product: http://guff.szub.net/quick-dirty-phpsource-printer/ =3D=3D Version: 1.0 =3D=3D Vulnerability: Filtering "../" to "" allowed...
[Full-disclosure] Directory traversal vulnerability in "Quick & Dirty PHPSource Printer" 1.0
== Vendor: Kaf Oseo == Product: http://guff.szub.net/quick-dirty-phpsource-printer/ == Version: 1.0 == Vulnerability: Filtering "../" to "" allowed use of ".../...//" to be inserted and changed to "../" allowing directory traversal. == Fix: Use the following line instead: $file = strstr$fileget,...