Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/09 8:59 a.m.14 views

CVE-2026-41724

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

8CVSS5.2AI score0.00313EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/05 9:49 p.m.8 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the cani callback, which issues SubjectAccessReview requests without enforcing context-aware allow-lists. An attacker can obtain information about RBAC permissions of any user or service account across the...

5.3CVSS5.8AI score0.00171EPSS
Exploits0References2
Snyk
Snyk
added 2026/01/27 6:2 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the context variable evaluation process. An attacker with policy creation privileges can exhaust system memory and disrupt service availability with policies that exponentially...

7.7CVSS5.9AI score0.00531EPSS
Exploits1References2
Snyk
Snyk
added 2026/01/27 6:2 p.m.3 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the context variable evaluation process. An attacker with policy creation privileges can exhaust system memory and disrupt service availability with policies that exponentially...

7.7CVSS5.9AI score0.00531EPSS
Exploits1References2
Rows per page
Query Builder