CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

56 matches found

OSV•added 2026/01/30 4:23 p.m.•3 views

CLEANSTART-2026-CQ38405 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

9.8CVSS5.6AI score0.00451EPSS

Exploits2References11

OSV•added 2026/01/30 4:22 p.m.•3 views

CLEANSTART-2026-QE58701 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

9.8CVSS5.6AI score0.00451EPSS

Exploits2References9

OSV•added 2026/01/30 4:22 p.m.•3 views

CLEANSTART-2026-YD87381 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

9.8CVSS5.6AI score0.00451EPSS

Exploits2References10

OpenVAS•added 2025/10/28 12:0 a.m.•1 views

Fedora: Security Advisory (FEDORA-2025-6f02e8f9d3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.4CVSS6.8AI score0.0035EPSS

Exploits2References6

Chainguard•added 2025/09/20 1:30 p.m.•4 views

CVE-2025-47906 vulnerabilities

Vulnerabilities for packages: blobfuse2, sftpgo-plugin-geoipfilter, prometheus-beat-exporter-fips, octo-sts, blob-csi-fips, knative-eventing, cluster-api, gitlab-runner, prometheus-adapter, openbao-k8s-fips, linkerd2-proxy-init, rancher-machine, knative-serving, kube-vip-cloud-provider,...

6.5CVSS6.4AI score0.00489EPSS

Exploits1

Chainguard•added 2025/09/20 1:30 p.m.•5 views

GHSA-GWRF-JF3H-W649 vulnerabilities

5.2AI score

Exploits0

SUSE Linux•added 2025/07/23 1:47 p.m.•4 views

Security update 5.0.5 for Multi-Linux Manager Client Tools, Salt and Salt Bundle

This update fixes the following issues: golang-github-prometheus-nodeexporter: Security issues fixed: CVE-2025-22870: Prevent a matching of hosts against proxy patterns to improperly treat an IPv6 zone ID as a hostname component bsc1238686 Other bugs fixed: Fixed Darwin memory leak pressure: Fix...

9.6CVSS7.3AI score0.00959EPSS

Exploits2References76

Tenable Nessus•added 2025/07/08 12:0 a.m.•3 views

Fedora 43 : node-exporter (2025-6f02e8f9d3)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-6f02e8f9d3 advisory. Automatic update for node-exporter-1.9.1-1.fc43. Changelog Tue Jul 8 2025 Mikel Olasagasti Uranga - 1.9.1-1 - Update to 1.9.1 - Closes rhbz2346095 rhbz234093...

4.4CVSS7AI score0.0035EPSS

Exploits2References2

OSV•added 2025/06/18 2:10 a.m.•6 views

SUSE-SU-2025:01988-1 Security update for golang-github-prometheus-node_exporter

This update for golang-github-prometheus-nodeexporter fixes the following issues: golang-github-prometheus-nodeexporter was updated to version 1.9.1: - Security issues fixed: CVE-2025-22870: Bumped golang.org/x/net to version 0.37.0 bsc1238686 - Other bugs fixed: pressure: Fixed missing IRQ on...

7.5CVSS7.1AI score0.91969EPSS

Exploits3References5

OSV•added 2025/05/12 12:0 a.m.•3 views

OPENSUSE-SU-2025:15075-1 golang-github-prometheus-node_exporter-1.9.1-3.1 on GA media

These are all security issues fixed in the golang-github-prometheus-nodeexporter-1.9.1-3.1 package on the GA media of openSUSE Tumbleweed...

7.5CVSS6.7AI score0.91969EPSS

Exploits1References2

CBLMariner•added 2025/04/12 2:52 a.m.•15 views

CVE-2025-22870 affecting package prometheus-node-exporter for versions less than 1.7.0-3

CVE-2025-22870 affecting package prometheus-node-exporter for versions less than 1.7.0-3. A patched version of the package is available...

4.4CVSS5.2AI score0.0035EPSS

Exploits2

OSV•added 2025/03/12 7:15 p.m.•1 views

AZL-58422 CVE-2025-22870 affecting package prometheus-node-exporter for versions less than 1.7.0-3

Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NOPROXY environment variable is set to ".example.com", a request to "::1%25.example.com:80 will incorrectly match and not be proxied...

4.4CVSS6.6AI score0.0035EPSS

Exploits2References1

CBLMariner•added 2025/02/19 8:5 p.m.•24 views

CVE-2023-45288 affecting package prometheus-node-exporter for versions less than 1.7.0-2

CVE-2023-45288 affecting package prometheus-node-exporter for versions less than 1.7.0-2. A patched version of the package is available...

7.5CVSS8AI score0.91969EPSS

Exploits1

OpenVAS•added 2024/09/10 12:0 a.m.•19 views

Fedora: Security Advisory (FEDORA-2023-654e0ddfd8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.05623EPSS

Exploits0References5

OSV•added 2024/05/06 9:55 a.m.•6 views

SUSE-SU-2024:1532-1 Security update for SUSE Manager Server 4.3

This update fixes the following issues: release-notes-susemanager: - Update to SUSE Manager 4.3.12 Monitoring: Node exporter upgraded to 1.7.0 Automatic migration from Salt 3000 to the Salt Bundle New update-salt recurring state uyuni-proxy-systemd-services package has been added to proxy channel...

6.5CVSS6.8AI score0.00879EPSS

Exploits1References35

Tenable Nessus•added 2024/04/29 12:0 a.m.•62 views

Fedora 40 : golang-github-prometheus-node-exporter (2023-654e0ddfd8)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-654e0ddfd8 advisory. Automatic update for golang-github-prometheus-node-exporter-1.6.1-1.fc40. Changelog Thu Nov 9 2023 Mikel Olasagasti Uranga - 1.6.1-1 - Update to 1.6...

7.5CVSS7.1AI score0.05623EPSS

Exploits0References3

OSV•added 2024/04/04 9:15 p.m.•3 views

AZL-38473 CVE-2023-45288 affecting package prometheus-node-exporter for versions less than 1.7.0-2

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS6.8AI score0.91969EPSS

Exploits1References1

OpenVAS•added 2024/03/04 12:0 a.m.•14 views

openSUSE: Security Advisory for Golang Prometheus (SUSE-SU-2023:3888-1)

5.3CVSS7.1AI score0.01328EPSS

Exploits0References2

CBLMariner•added 2024/02/14 5:5 p.m.•27 views

CVE-2021-44716 affecting package prometheus-node-exporter for versions less than 1.3.1-24

CVE-2021-44716 affecting package prometheus-node-exporter for versions less than 1.3.1-24. A patched version of the package is available...

7.5CVSS8.1AI score0.03958EPSS

Exploits0

CBLMariner•added 2024/02/09 7:7 p.m.•93 views