BIT-FLUX-2022-36035 Flux CLI Workload Injection

Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration like Git repositories, and automating updates to configuration when there is new code to deploy. Flux CLI allows users to deploy Flux components into a Kubernetes cluster via command-line. The vulnerability allow...

CVE-2025-55670 BIG-IP Next (CNF, SPK, and Kubernetes) vulnerability

On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

omni 信息泄露漏洞

omni is a Kubernetes deployment tool open-sourced by Sidero Labs, Inc. An information disclosure vulnerability exists in omni versions prior to 1.1.5 and prior to 1.0.2, which stems from an API that may disclose sensitive information...

Exploit for Out-of-bounds Write in Php

Task Management APP CVE-2019-11043 Lab Minimal PHP app with...

CVE-2025-27403

Ratify is a verification engine as a binary executable and on Kubernetes which enables verification of artifact security metadata and admits for deployment only those that comply with policies the user creates. In a Kubernetes environment, Ratify can be configured to authenticate to a private Azu...

Git credentials are exposed in Atlantis logs

Summary Short summary of the problem. Make the impact and severity as clear as possible. For example: An unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server. Atlantis logs contains GitHub credentials tokens ghs... when they are rotated. Thi...

io.automatiko.quarkus:automatiko-operator-deployment (>=0.4.0 <=0.53.0), io.javaoperatorsdk:operator-framework-quarkus-extension-deployment (>=1.6.2 <=1.7.5) +18 more potentially affected by CVE-2024-1979 via io.quarkus:quarkus-kubernetes-deployment (>=1.10.0.CR1 <=3.7.2)

io.quarkus:quarkus-kubernetes-deployment MAVEN version =1.10.0.CR1, =0.4.0, =1.6.2, =0.0.3, =0.0.3, =1.0.1, =1.0.1, =4.0.0, =2.0.0, =1.8.0, =6.0.0, =7.2.1, =7.6.1, =7.6.1, =7.6.1, =2.0.0, =3.0.3 and more Source cves: CVE-2024...

Authentication flaw

Improper Authentication vulnerability in Apache Pulsar Proxy allows an attacker to connect to the /proxy-stats endpoint without authentication. The vulnerable endpoint exposes detailed statistics about live connections, along with the capability to modify the logging level of proxied connections...

CVE-2022-36103 Talos worker join token can be used to get elevated access level to the Talos API

Talos Linux is a Linux distribution built for Kubernetes deployments. Talos worker nodes use a join token to get accepted into the Talos cluster. Due to improper validation of the request while signing a worker node CSR certificate signing request Talos control plane node might issue Talos API...

PT-2021-23227 · Minio · Minio

Name of the Vulnerable Software and Affected Versions: Minio console versions prior to 0.12.3 Description: The Minio console is subject to an authentication bypass issue in the Operator Console when an external IDP is enabled. This issue affects all users on release v0.12.2 and before. The...

Saferwall - A Hackable Malware Sandbox For The 21St Century

Saferwall is an open source malware analysis platform. It aims for the following goals: Provide a collaborative platform to share samples among malware researchers. Acts as a system expert, to help researchers generates an automated malware analysis report. Hunting platform to find new malwares...

Flan - A Pretty Sweet Vulnerability Scanner By CloudFlare

Flan Scan is a lightweight network vulnerability scanner. With Flan Scan you can easily find open ports on your network, identify services and their version, and get a list of relevant CVEs affecting your network. Flan Scan is a wrapper over Nmap and the vulners script which turns Nmap into a...