Lucene search
K

5 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/28 3:47 p.m.6 views

CVE-2026-41184

In Calico, the install-cni init container logs the rendered CNI configuration to standard output. When the configuration template uses the SERVICEACCOUNTTOKEN placeholder Canal/Flannel-Calico deployments, the installer substitutes the live Kubernetes ServiceAccount bearer token before logging,...

6CVSS5.8AI score0.00504EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/03/05 8:42 p.m.7 views

Gokapi has privilege escalation via incomplete API-key permission revocation on user rank demotion

Summary A privilege escalation vulnerability in the user rank demotion logic allows a demoted user's existing API keys to retain ApiPermManageFileRequests and ApiPermManageLogs permissions, enabling continued access to upload-request management and log viewing endpoints after the user has been...

5.4CVSS5.8AI score0.00116EPSS
Exploits0References4Affected Software1
Huntr
Huntr
added 2025/12/26 3:34 p.m.5 views

Airflow externalLogUrl Permission Bypass

1. Summary The externalLogUrl endpoint in Airflow’s FastAPI enforces only the weaker Task Instance access permission TASKINSTANCE instead of the intended Task Logs permission TASKLOGS. As a result, low-privileged users who are not authorized to view task logs can still obtain external log access...

6.1AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 5:20 a.m.5 views

SUSE CVE-2015-2714

Mozilla Firefox before 38.0 on Android does not properly restrict writing URL data to the Android logging system, which allows attackers to obtain sensitive information via a crafted application that has a required permission for reading a log, as demonstrated by the READLOGS permission for the...

2.1CVSS7.9AI score0.0033EPSS
Exploits0References3
CNVD
CNVD
added 2015/05/14 12:0 a.m.4 views

Mozilla Firefox on Android Information Disclosure Vulnerability

Mozilla Firefox is a popular open source WEB browser. Mozilla Firefox under Android can log sensitive information to Android logcat via URL strings, and a local attacker can access the sensitive information with READLOGS privilege...

2.1CVSS6.2AI score0.0033EPSS
Exploits0References1
Rows per page
Query Builder