83 matches found
Cisco APIC Remote Code Execution Vulnerability (regreSSHion) (cisco cisco-sa-openssh-rce-2024)
According to its self-reported version, Cisco Application Policy Infrastructure Controller is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Application Policy Infrastructure Controller due to a signal handler race condition found in sshd, where a client does...
GHSA-XM5M-WGH2-RRG3 vulnerabilities
Vulnerabilities for packages: aactl, ko, slsa-verifier, sigstore-scaffolding, crossplane, docker-cli-buildx, trivy-operator, kyverno-notation-aws, tekton-chains, policy-controller, kyverno, tkn, tflint, docker, cosign, trivy, goreleaser, buildkitd, gh, ratify, teleport, gitsign, spire-server,...
CVE-2026-39984 vulnerabilities
Vulnerabilities for packages: aactl, ko, slsa-verifier, sigstore-scaffolding, crossplane, docker-cli-buildx, trivy-operator, kyverno-notation-aws, tekton-chains, policy-controller, kyverno, tkn, tflint, docker, cosign, trivy, goreleaser, buildkitd, gh, ratify, teleport, gitsign, spire-server,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: terraform-provider-pagerduty, helm, nginx-prometheus-exporter, azure-service-operator, cert-manager-csi-driver, gatekeeper, certificate-transparency, cerbos, kpt, temporal-ui-server, crossplane-provider-azure-managedidentity, bom, helm-mapkubeapis,...
CVE-2026-39883 vulnerabilities
Vulnerabilities for packages: guac, cass-operator, azure-service-operator, fluent-operator, gatekeeper, temporal, cerbos, crossplane-provider-azure-managedidentity, jaeger, temporal-server, cloud-provider-vsphere, node-feature-discovery, kubernetes, distribution, rancher-agent,...
GHSA-HFVC-G4FC-PQHX vulnerabilities
Vulnerabilities for packages: guac, cass-operator, azure-service-operator, fluent-operator, gatekeeper, temporal, cerbos, crossplane-provider-azure-managedidentity, jaeger, temporal-server, cloud-provider-vsphere, node-feature-discovery, kubernetes, distribution, rancher-agent,...
GHSA-HFVC-G4FC-PQHX vulnerabilities
Vulnerabilities for packages: secrets-store-csi-driver-fips, zitadel, guac, ld-relay-fips, aws-ebs-csi-driver-fips, rke2-cloud-provider-fips, splunk-otel-collector, crossplane-provider-azure-alertsmanagement, src, hydra-fips, hydra, teleport, compgencompare, cloudprober-fips, kubescape-operator,...
CVE-2026-39883 vulnerabilities
Vulnerabilities for packages: secrets-store-csi-driver-fips, zitadel, guac, ld-relay-fips, aws-ebs-csi-driver-fips, rke2-cloud-provider-fips, splunk-otel-collector, crossplane-provider-azure-alertsmanagement, src, hydra-fips, hydra, teleport, compgencompare, cloudprober-fips, kubescape-operator,...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: kubescape-server, gitaly-fips, guac, src-fingerprint-fips, gitea, hydra-fips, hydra, terraform-provider-azuread, kyverno, atlantis-fips, grafana-alloy, gitness, vault-fips, gitlab-operator-fips, actions-runner-controller, image-factory, ratify-fips,...
CVE-2026-26207
CVE-2026-26207 affects Discourse with the discourse-policy plugin. Prior to versions 2025.12.2, 2026.1.1 and 2026.2.0, PolicyController loads posts by ID without verifying the current user’s visibility, allowing authenticated users to interact with policies on posts they cannot view and to enumer...
CVE-2026-20107
The CVE concerns Cisco Application Policy Infrastructure Controller (APIC) in the Object Model CLI. A vulnerability in the CLI input validation could allow an authenticated, local attacker with any role granting CLI access to issue crafted commands and trigger a device reload, causing a DoS. Affe...
Cisco Application Policy Infrastructure Controller Denial of Service Vulnerability
A vulnerability in the Object Model CLI component of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, local attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. To exploit this vulnerability, the attacker...
Important: Red Hat Security Advisory: RHTAS - Tech Preview Release Of the Policy Controller Operator
The Tech Preview release of the RHTAS Policy Controller Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Policy Controller Operator can be used with OpenShift Container Platform 4.16, 4.17,...
Important: Red Hat Security Advisory: RHTAS - Tech Preview Release Of the Policy Controller Operator
The Tech Preview release of the RHTAS Policy Controller Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Policy Controller Operator can be used with OpenShift Container Platform 4.16, 4.17,...
Important: Red Hat Security Advisory: RHTAS 1.3.1 - Tech Preview Release Of the Policy Controller Operator
The Tech Preview release of the RHTAS Policy Controller Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Policy Controller Operator can be used with OpenShift Container Platform 4.15, 4.16,...
GHSA-J5PM-7495-QMR3 vulnerabilities
Vulnerabilities for packages: zitadel, guac, gofumpt, aws-ebs-csi-driver-fips, rke2-cloud-provider-fips, splunk-otel-collector, swagger, src, docker-cli-fips, hydra-fips, minio-object-browser-fips, hydra, prometheus-mysqld-exporter, teleport, kubescape-operator, opentelemetry-collector, vault-fip...
CVE-2025-46569 vulnerabilities
Vulnerabilities for packages: kyverno-notation-aws, gatekeeper, policy-controller, tfsec, kyverno, spire-server, witness, cosign, trivy, conftest, kots...
GHSA-6M8W-JC87-6CR7 vulnerabilities
Vulnerabilities for packages: kyverno-notation-aws, gatekeeper, policy-controller, tfsec, kyverno, spire-server, witness, cosign, trivy, conftest, kots...
GHSA-RXX3-4978-3CC9 vulnerabilities
Vulnerabilities for packages: kind, policy-controller, falco...
GHSA-68G3-2P3G-W9PQ vulnerabilities
Vulnerabilities for packages: kind, policy-controller, falco...