14 matches found
EUVD-2023-34010
Malicious code in bioql PyPI...
CVE-2023-2530
A privilege escalation allowing remote code execution was discovered in the orchestration service...
Puppet Enterprise 2021.x < 2021.0 / 2023.x < 2023.2 RCE
A privilege escalation allowing remote code execution was discovered in the orchestration service. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text in this plugin...
USN-6293-1: OpenStack Heat vulnerability
It was discovered that OpenStack Heat incorrectly handled certain hidden parameter values. A remote authenticated user could possibly use this issue to obtain sensitive data...
SUSE CVE-2023-2530
A privilege escalation allowing remote code execution was discovered in the orchestration service...
CVE-2023-2530
A privilege escalation allowing remote code execution was discovered in the orchestration service...
CVE-2023-2530
A privilege escalation allowing remote code execution was discovered in the orchestration service...
Privilege escalation
A privilege escalation allowing remote code execution was discovered in the orchestration service...
CVE-2023-2530
A privilege escalation allowing remote code execution was discovered in the orchestration service...
CVE-2023-2530
A privilege escalation allowing remote code execution was discovered in the orchestration service...
CVE-2023-2530
CVE-2023-2530 is a remote code execution vulnerability in Puppet's orchestration service that enables privilege escalation. Public details across multiple sources indicate the issue affects Puppet Enterprise versions prior to 2021.0 in the 2021.x line and prior to 2023.2 in the 2023.x line (per N...
PT-2023-20016 · Puppet +1 · Puppet Enterprise
Name of the Vulnerable Software and Affected Versions: Orchestration service affected versions not specified Description: A privilege escalation issue was discovered in the orchestration service, allowing remote code execution. Recommendations: At the moment, there is no information about a newer...
CVE-2023-2530
A privilege escalation allowing remote code execution was discovered in the orchestration service...
Crypto-Mining Attacks Targeting Kubernetes Clusters via Kubeflow Instances
Cybersecurity researchers on Tuesday disclosed a new large-scale campaign targeting Kubeflow deployments to run malicious cryptocurrency mining containers. The campaign involved deploying TensorFlow pods on Kubernetes clusters, with the pods running legitimate TensorFlow images from the official...