CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

Wolfi•added 2026/04/11 2:51 a.m.•5 views

CVE-2026-33810 vulnerabilities

Vulnerabilities for packages: mariadb-operator, github-mcp-server, victoriametrics, flux, grafana-operator, grafana-rollout-operator, malcontent, dbmate, flux-helm-controller, pluto, flux-image-reflector-controller, aws-network-policy-agent, local-path-provisioner, dkron, stakater-reloader,...

8.2CVSS7.1AI score0.00013EPSS

Exploits0

Snyk•added 2026/04/02 12:3 a.m.•1 views

Improper Following of a Certificate's Chain of Trust

Overview Affected versions of this package are vulnerable to Improper Following of a Certificate's Chain of Trust in the TLS Client/Server authentication for database cluster connections. An attacker can gain unauthorized access to the cluster, read and modify sensitive data, escalate privileges,...

10CVSS5.9AI score0.00038EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-1107

Malicious code in bioql PyPI...

6.2CVSS5.5AI score0.00311EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 2:25 a.m.•4 views

CVE-2023-27484

crossplane-runtime is a set of go libraries used to build Kubernetes controllers in Crossplane and its related stacks. In affected versions an already highly privileged user able to create or update Compositions can specify an arbitrarily high index in a patch's ToFieldPath, which could lead to...

6.2CVSS6.8AI score0.00311EPSS

Exploits0References1

NVD•added 2023/03/09 9:15 p.m.•10 views

CVE-2023-27484

6.2CVSS6.2AI score0.00311EPSS

Exploits0References1

NVD•added 2023/03/09 9:15 p.m.•10 views

CVE-2023-27483

crossplane-runtime is a set of go libraries used to build Kubernetes controllers in Crossplane and its related stacks. An out of memory panic vulnerability has been discovered in affected versions. Applications that use the Paved type's SetValue method with user provided input without proper...

7.5CVSS6.2AI score0.00433EPSS

Exploits0References2

Prion•added 2023/03/09 9:15 p.m.•8 views

Code injection

3.3CVSS5.1AI score0.00311EPSS

Exploits0References1Affected Software1

CVE•added 2023/03/09 8:22 p.m.•50 views

CVE-2023-27484

Summary : CVE-2023-27484 affects crossplane-runtime (Go libraries) used for building Kubernetes controllers in Crossplane stacks. A highly privileged user who can create or update Compositions can specify an arbitrarily high index in a patch’s ToFieldPath. If the index exceeds the current target ...

6.2CVSS5.7AI score0.00311EPSS

Exploits0References1Affected Software1

OSV•added 2023/03/09 8:22 p.m.•12 views

CVE-2023-27484 Unchecked fieldpath index in Composition's patches can lead to arbitrary memory allocation in crossplane

6.2CVSS5.4AI score0.00311EPSS

Exploits0References3

Cvelist•added 2023/03/09 8:22 p.m.•9 views

CVE-2023-27484 Unchecked fieldpath index in Composition's patches can lead to arbitrary memory allocation in crossplane

6.2CVSS6.4AI score0.00311EPSS

Exploits0References1

OSV•added 2023/03/09 8:18 p.m.•13 views

CVE-2023-27483 fieldpath's Paved.SetValue allows growing arrays up to arbitrary sizes in crossplane-runtime

5.9CVSS7.3AI score0.00433EPSS

Exploits0References4

CVE•added 2023/03/09 8:18 p.m.•60 views

CVE-2023-27483

CVE-2023-27483 affects crossplane-runtime: the fieldpath package’s Paved.SetValue can grow slices to very large sizes when given unvalidated input, causing an out-of-memory panic. Affected code path is the Paved.SetValue method that writes values along a path without validation, with the index ca...

7.5CVSS6.5AI score0.00433EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/03/09 8:18 p.m.•13 views

CVE-2023-27483 fieldpath's Paved.SetValue allows growing arrays up to arbitrary sizes in crossplane-runtime

5.9CVSS7.6AI score0.00433EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by