61 matches found

OSV
added 2023/07/03 9:15 p.m. | 17 views

CVE-2023-2728

Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field...

6.5 CVSS | 6.5 AI score
Exploits 0 | References 4

OSV
added 2023/07/03 9:15 p.m. | 0 views

UBUNTU-CVE-2023-2728

Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field...

6.5 CVSS | 6.6 AI score | 0.02157 EPSS
Exploits 1 | References 4

Cvelist
added 2023/07/03 8:6 p.m. | 25 views

CVE-2023-2728 Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin

Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field...

6.5 CVSS | 6.8 AI score | 0.02157 EPSS
Exploits 1 | References 4

CVE
added 2023/07/03 8:6 p.m. | 2764 views

CVE-2023-2728

CVE-2023-2728 : The vulnerability allows containers to bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when ephemeral containers are used. Kubernetes clusters are affected only if both the ServiceAccount admission plugin and the annotation kubernetes.io/enforce...

6.5 CVSS | 6.6 AI score | 0.02157 EPSS
Exploits 1 | References 4 | Affected Software 1

Debian CVE
added 2023/07/03 8:6 p.m. | 20 views

CVE-2023-2728

Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field...

6.5 CVSS | 6.3 AI score | 0.02157 EPSS
Exploits 1

Tenable Nessus
added 2023/07/03 12:0 a.m. | 33 views

Oracle Linux 8 : kubernetes (ELSA-2023-12564)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12564 advisory. - CVE-2023-2727, CVE-2023-2728 Kubernetes upgraded to 1.25.11 - CVE-2023-27496 - CVE-2023-27488 - CVE-2023-27493 - CVE-2023-27492 - CVE-2023-27491 -...

10 CVSS | 6.8 AI score | 0.02701 EPSS
Exploits 9 | References 3

Tenable Nessus
added 2023/07/03 12:0 a.m. | 31 views

Oracle Linux 7 : kubernetes (ELSA-2023-12562)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12562 advisory. - CVE-2023-2727, CVE-2023-2728 Kubernetes upgraded to 1.24.15 Tenable has extracted the preceding description block directly from the Oracle Linux...

6.5 CVSS | 6.7 AI score | 0.02157 EPSS
Exploits 1 | References 3

Tenable Nessus
added 2023/06/20 12:0 a.m. | 28 views

SUSE SLES15 / openSUSE 15 Security Update : kubernetes1.23 (SUSE-SU-2023:2543-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2543-1 advisory. - Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral...

6.5 CVSS | 6.6 AI score | 0.02157 EPSS
Exploits 1 | References 7

Tenable Nessus
added 2023/06/20 12:0 a.m. | 34 views

SUSE SLES15 Security Update : kubernetes1.23 (SUSE-SU-2023:2542-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2542-1 advisory. - Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers...

6.5 CVSS | 6.7 AI score | 0.02157 EPSS
Exploits 1 | References 7

Tenable Nessus
added 2023/06/20 12:0 a.m. | 29 views

SUSE SLES15 / openSUSE 15 Security Update : kubernetes1.24 (SUSE-SU-2023:2544-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2544-1 advisory. - Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral...

6.5 CVSS | 6.6 AI score | 0.02157 EPSS
Exploits 1 | References 7

OpenVAS
added 2023/06/19 12:0 a.m. | 15 views

SUSE: Security Advisory (SUSE-SU-2023:2542-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5 CVSS | 6.5 AI score | 0.02157 EPSS
Exploits 1 | References 5

RedhatCVE
added 2023/06/15 5:46 a.m. | 37 views

CVE-2023-2728

A flaw was found in Kubernetes, where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures that pods running with a service account may only reference secrets specified i...

6.5 CVSS | 6.8 AI score | 0.02157 EPSS
Exploits 1 | References 4

Positive Technologies
added 2023/06/15 12:0 a.m. | 5 views

PT-2023-21049 · Unknown +3 · Kubernetes +2

Name of the Vulnerable Software and Affected Versions: Kubernetes affected versions not specified Description: The issue allows users to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. This policy ensures...

7.7 CVSS | 6.5 AI score | 0.99999 EPSS
Exploits 21 | References 144

seebug.org
added 2014/07/01 12:0 a.m. | 16 views

DESlock+ <= 3.2.6 DLMFDISK.sys local kernel ring0 SYSTEM Exploit

No description provided by source. / deslock-pown-v2.c Copyright c 2008 by [email protected] DESlock+ = 3.2.6 local kernel ring0 SYSTEM exploit by mu-b - Wed 26 Dec 2007 - Tested on: DLMFDISK.sys 1.2.0.27 - Microsoft Windows 2003 SP2 - Microsoft Windows XP SP2 Note: create a mountable filesyste...

7.1 AI score
Exploits 0

NVD
added 2012/08/26 7:55 p.m. | 14 views

CVE-2012-3484

Tunnelblick 3.3beta20 and earlier relies on a test for specific ownership and permissions to determine whether a program can be safely executed, which allows local users to bypass intended access restrictions and gain privileges via a (1) user-mountable image or (2) network share...

7.2 CVSS | 6.5 AI score | 0.00185 EPSS
Exploits 0 | References 3

Prion
added 2012/08/26 7:55 p.m. | 14 views

Design/Logic Flaw

Tunnelblick 3.3beta20 and earlier relies on a test for specific ownership and permissions to determine whether a program can be safely executed, which allows local users to bypass intended access restrictions and gain privileges via a (1) user-mountable image or (2) network share...

7.2 CVSS | 7.1 AI score | 0.00185 EPSS
Exploits 0 | References 3 | Affected Software 1

OpenVAS
added 2008/10/24 12:0 a.m. | 104 views

User Mountable NFS shares

It is possible to access the remote NFS shares without having root privileges. Description : Some of the NFS shares exported by the remote server could be mounted by the scanning host. An attacker may exploit this problem to gain read and possibly write access to files on remote host. Note that...

7.6 AI score
Exploits 0

exploitpack
added 2008/02/18 12:0 a.m. | 10 views

DESlock+ 3.2.6 - DLMFDISK.sys Local kernel Ring0 SYSTEM

DESlock+ 3.2.6 - DLMFDISK.sys Local kernel Ring0 SYSTEM / deslock-pown-v2.c Copyright c 2008 by DESlock+ include include include define DLKFDISKIOCTL 0x80002024 define DLKFDISKRIOCTL 0x80002010 define DLKFDISKSLOT 0x00000C5A define DLKFDISKOFFSET 0x0D define DLKFDISKDISKMAX 0x1A static unsigned...

0.2 AI score
Exploits 0

Tenable Nessus
added 2004/12/16 12:0 a.m. | 1276 views

NFS Share User Mountable

Nessus was either able to mount some of the NFS shares exported by the remote server or disclose potentially sensitive information such as a directory listing. An attacker may exploit this issue to gain read and possibly write access to files on remote host. Note that root privileges were not...

5.6 AI score
Exploits 0

CVE
added 2000/02/04 5:0 a.m. | 56 views

CVE-1999-0462

CVE-1999-0462 affects Linux Perl’s suidperl: it does not check the nosuid mount option on file systems, enabling a local user to gain root by placing a setuid script on a mountable filesystem (e.g., CD-ROM or floppy). Root cause: lack of nosuid validation on mounted media. Impact: local privilege...

7.2 CVSS | 6.9 AI score | 0.00397 EPSS
Exploits 0 | References 1 | Affected Software 1