406 matches found
CVE-2026-44903 vulnerabilities
Vulnerabilities for packages: metrics-server, minio-object-browser, prometheus, prometheus-pushgateway, trillian, mcp-grafana, splunk-otel-collector, tempo, node-problem-detector, keda, minio-operator, karma, istio, opentelemetry-collector-contrib, telegraf, opentelemetry-operator, cloud-sql-prox...
CVE-2026-40179 vulnerabilities
Vulnerabilities for packages: minio-object-browser, prometheus, prometheus-pushgateway, trillian, mcp-grafana, splunk-otel-collector, tempo, node-problem-detector, keda, minio-operator, karma, istio, telegraf, cloud-sql-proxy, certificate-transparency, mc, jaeger, loki, grafana-pyroscope,...
GHSA-VFFH-X6R8-XX99 vulnerabilities
Vulnerabilities for packages: minio-object-browser, prometheus, prometheus-pushgateway, trillian, mcp-grafana, splunk-otel-collector, tempo, node-problem-detector, keda, minio-operator, karma, istio, telegraf, cloud-sql-proxy, certificate-transparency, mc, jaeger, loki, grafana-pyroscope,...
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: cilium-fips, newrelic-k8s-metadata-injection-fips, flux, rabbitmq-messaging-topology-operator-fips, clickhouse-operator, actions-runner-controller-fips, flux-image-automation-controller, pgwatch, commercial-chainloop-cli, grafana-rollout-operator,...
CVE-2026-33810 vulnerabilities
Vulnerabilities for packages: cilium-fips, newrelic-k8s-metadata-injection-fips, flux, rabbitmq-messaging-topology-operator-fips, clickhouse-operator, actions-runner-controller-fips, flux-image-automation-controller, pgwatch, commercial-chainloop-cli, grafana-rollout-operator,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: dfc, lvm-driver, virt-api, crossplane-function-auto-ready, crossplane-provider-aws-eks-fips, prometheus-mongodb-exporter-fips, cilium-fips, crane-fips, crossplane-provider-aws-cloudwatchlogs-fips, gcsfuse, ko, promxy, kubernetes-dashboard-fips,...
CLEANSTART-2026-OH74241 Security fixes for GHSA-MQQF-5WVP-8FH8 applied in versions: 0.122-r0
Security vulnerability affects the karma-fips package. This issue is resolved in later releases. See references for vulnerability details...
CVE-2026-25236
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN ... list. This issue has been patched in version 1.33.0...
CVE-2026-25236
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN ... list. This issue has been patched in version 1.33.0...
CVE-2026-25236
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN ... list. This issue has been patched in version 1.33.0...
UBUNTU-CVE-2026-25236
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN ... list. This issue has been patched in version 1.33.0...
CVE-2026-25236
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN ... list. This issue has been patched in version 1.33.0...
CVE-2026-25236 PEAR is Vulnerable to SQL Injection in Damblan_Karma IN() Query via Literal Substitution
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN ... list. This issue has been patched in version 1.33.0...
CVE-2026-25236 PEAR is Vulnerable to SQL Injection in Damblan_Karma IN() Query via Literal Substitution
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN ... list. This issue has been patched in version 1.33.0...
EUVD-2026-5199
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN ... list. This issue has been patched in version 1.33.0...
CVE-2026-25236
CVE-2026-25236 affects the PEAR PHP framework. The vulnerability is a SQL injection risk in karma queries caused by unsafe literal substitution for an IN (...) list. Root cause: unsafe literal handling in Karma DAMBLAN-related queries prior to version 1.33.0. Impact: potential SQL injection. Miti...
CVE-2026-25236 PEAR is Vulnerable to SQL Injection in Damblan_Karma IN() Query via Literal Substitution
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN ... list. This issue has been patched in version 1.33.0...
PT-2026-6285
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN ... list. This issue has been patched in version 1.33.0...
CVE-2020-7626
karma-mojo through 1.0.1 is vulnerable to Command Injection. It allows execution of arbitrary commands via the config argument...
CVE-2022-0437
Cross-site Scripting XSS - DOM in NPM karma prior to 6.3.14...