47 matches found
EUVD-2023-24130
Malicious code in bioql PyPI...
EUVD-2022-2835
Malicious code in bioql PyPI...
EUVD-2023-23456
Malicious code in bioql PyPI...
Security update for minikube (important)
openSUSE Security Update: Security update for minikube Announcement ID: openSUSE-SU-2025:0318-1 Rating: important References: 1234528 Cross-References: CVE-2024-45337 CVSS scores: CVE-2024-45337 SUSE: 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP...
CVE-2018-1002103
In Minikube versions 0.3.0-0.29.0, minikube exposes the Kubernetes Dashboard listening on the VM IP at port 30000. In VM environments where the IP is easy to predict, the attacker can use DNS rebinding to indirectly make requests to the Kubernetes Dashboard, create a new Kubernetes Deployment...
Exploit for CVE-2025-1974
CVE-2025-1974: Kubernetes Ingress Nginx Controller 취약점 분석 및 Po...
GO-2023-1961 Minikube RCE via DNS Rebinding in k8s.io/minikube
Minikube RCE via DNS Rebinding in k8s.io/minikube...
CRI-O vulnerable to an arbitrary systemd property injection
Impact On CRI-O, it looks like an arbitrary systemd property can be injected via a Pod annotation: --- apiVersion: v1 kind: Pod metadata: name: poc-arbitrary-systemd-property-injection annotations: I believe that ExecStart with an arbitrary command works here too, but I haven't figured out how to...
GHSA-2CGQ-H8XW-2V5J CRI-O vulnerable to an arbitrary systemd property injection
Impact On CRI-O, it looks like an arbitrary systemd property can be injected via a Pod annotation: --- apiVersion: v1 kind: Pod metadata: name: poc-arbitrary-systemd-property-injection annotations: I believe that ExecStart with an arbitrary command works here too, but I haven't figured out how to...
The vulnerability of the Kubernetes environment configuration tool for developing and testing applications in minikube lies in its ability to disclose information, allowing attackers to increase their privileges.
The vulnerability of the Kubernetes environment configuration tool for developing and testing applications in minikube relates to the disclosure of information. This vulnerability allows attackers to increase their privileges...
Authentication Bypass
github.com/kubernetes/minikube is vulnerable to Authentication Bypass. The vulnerability exists due to the use of hard-coded credentials which allows a local attacker to use the default password and bypass the login via ssh access to the minikube container...
Privilege Escalation
github.com/kubernetes/minikube is vulnerable to Privilege Escalation. A remote attacker is able to access to the minikube container with elevated privileges due to an exposed network port when minikube is running on macOS with the Docker driver...
CVE-2023-1174
This vulnerability exposes a network port in minikube running on macOS with Docker driver that could enable unexpected remote access to the minikube container...
CVE-2023-1944
This vulnerability enables ssh access to minikube container using a default password...
CVE-2023-1944
This vulnerability enables ssh access to minikube container using a default password...
CVE-2023-1174
This vulnerability exposes a network port in minikube running on macOS with Docker driver that could enable unexpected remote access to the minikube container...
Default credentials
This vulnerability enables ssh access to minikube container using a default password...
Design/Logic Flaw
This vulnerability exposes a network port in minikube running on macOS with Docker driver that could enable unexpected remote access to the minikube container...
CVE-2023-1944 [minikube] ssh server with default password
This vulnerability enables ssh access to minikube container using a default password...
CVE-2023-1174
CVE-2023-1174 affects minikube running on macOS with the Docker driver, where an exposed network port permits unexpected remote access to the minikube container. The vulnerability is described across multiple sources (NVD, CVE listing, Veracode, OSV, etc.) as a network exposure that could lead to...