4 matches found

Github Security Blog
added 2026/06/19 8:51 p.m., 7 views

Grafana Operator: Privilege escalation from namespace admin to cluster admin via GrafanaDashboard jsonnetLib fileName

We have released version 5.24.0 of the Grafana Operator. This patch includes a MODERATE severity security fix for a path traversal/privilege escalation vulnerability in the Grafana Operator. Summary The Grafana Operator supports loading dashboards & library panels using the jsonnet data templatin...

8.8 CVSS | 5.9 AI score | 0.0032 EPSS
Exploits 0 | References 4 | Affected Software 2
OSV
added 2025/08/27 11:12 p.m., 3 views

MAL-2025-41437 Malicious code in @nx/enterprise-cloud (npm)

Source: google-open-source-security a8a1b6e74c68b5c6901f2ea242469aa5a34ffec9ddc3fb92267b3d1627123267 The nx project and associated plugins were compromised via a vulnerable GitHub workflow that allowed code injection and the theft of an NP...

9.6 CVSS | 7.6 AI score | 0.00527 EPSS
Exploits 0 | References 2
RedhatCVE
added 2025/02/05 2:10 p.m., 14 views

CVE-2020-11846

A vulnerability was found in OpenText Privileged Access Manager that issues a token. On successful issuance of the token, a cookie gets set that allows unrestricted access to all the application resources. This issue affects Privileged Access Manager before 3.7.0.1...

8.7 CVSS | 6.7 AI score | 0.00309 EPSS
Exploits 0 | References 1
SUSE CVE
added 2024/12/23 4:4 a.m., 5 views

SUSE CVE-2024-9779

A flaw was found in Open Cluster Management (OCM) when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named...

7.5 CVSS | 6.6 AI score | 0.00439 EPSS
Exploits 0 | References 4