Lucene search
K

19 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-26142

Malicious code in bioql PyPI...

10CVSS6.6AI score0.00759EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/08/30 6:18 p.m.4 views

CVE-2025-34160

AnyShare contains a critical unauthenticated remote code execution vulnerability in the ServiceAgent API exposed on port 10250. The endpoint /api/ServiceAgent/startservice accepts user-supplied input via POST and fails to sanitize command-like payloads. An attacker can inject shell syntax that is...

10CVSS8.5AI score0.00759EPSS
Exploits0References1
NVD
NVD
added 2025/08/27 10:15 p.m.3 views

CVE-2025-34160

AnyShare contains a critical unauthenticated remote code execution vulnerability in the ServiceAgent API exposed on port 10250. The endpoint /api/ServiceAgent/startservice accepts user-supplied input via POST and fails to sanitize command-like payloads. An attacker can inject shell syntax that is...

10CVSS0.00759EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/08/27 9:22 p.m.3 views

CVE-2025-34160 AnyShare ServiceAgent API Unauthenticated RCE

AnyShare contains a critical unauthenticated remote code execution vulnerability in the ServiceAgent API exposed on port 10250. The endpoint /api/ServiceAgent/startservice accepts user-supplied input via POST and fails to sanitize command-like payloads. An attacker can inject shell syntax that is...

10CVSS8AI score0.00759EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2025/08/27 9:22 p.m.6 views

CVE-2025-34160

AnyShare contains a critical unauthenticated remote code execution vulnerability in the ServiceAgent API exposed on port 10250. The endpoint /api/ServiceAgent/startservice accepts user-supplied input via POST and fails to sanitize command-like payloads. An attacker can inject shell syntax that is...

10CVSS6.6AI score0.00759EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/08/27 9:22 p.m.8 views

CVE-2025-34160 AnyShare ServiceAgent API Unauthenticated RCE

AnyShare contains a critical unauthenticated remote code execution vulnerability in the ServiceAgent API exposed on port 10250. The endpoint /api/ServiceAgent/startservice accepts user-supplied input via POST and fails to sanitize command-like payloads. An attacker can inject shell syntax that is...

10CVSS0.00759EPSS
Exploits0References5
CVE
CVE
added 2025/08/27 9:22 p.m.24 views

CVE-2025-34160

CVE-2025-34160 affects AnyShare via the ServiceAgent API exposed on port 10250. The endpoint "/api/ServiceAgent/start_service" accepts POST input and fails to sanitize command-like payloads, enabling unauthenticated remote code execution (RCE) when an attacker injects shell syntax that is execute...

10CVSS8AI score0.00759EPSS
In wildExploits0References5
Positive Technologies
Positive Technologies
added 2025/08/27 12:0 a.m.4 views

PT-2025-34943 · Anyshare · Anyshare

Name of the Vulnerable Software and Affected Versions: AnyShare affected versions not specified Description: AnyShare contains a critical unauthenticated remote code execution issue in the ServiceAgent API exposed on port 10250. The /api/ServiceAgent/start service endpoint accepts user-supplied...

10CVSS7.7AI score0.00759EPSS
Exploits0References10
VulnCheck KEV
VulnCheck KEV
added 2025/07/11 12:0 a.m.6 views

VulnCheck KEV: CVE-2025-34160

AnyShare contains a critical unauthenticated remote code execution vulnerability in the ServiceAgent API exposed on port 10250. The endpoint /api/ServiceAgent/startservice accepts user-supplied input via POST and fails to sanitize command-like payloads. An attacker can inject shell syntax that is...

10CVSS6.5AI score0.00759EPSS
In wildExploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:1 a.m.3 views

SUSE CVE-2020-8551

The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on...

5.3CVSS6.8AI score0.01141EPSS
Exploits0References3
OSV
OSV
added 2022/02/15 1:57 a.m.23 views

GHSA-QHM4-JXV7-J9PQ Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes

The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on...

4.3CVSS6.3AI score0.01141EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2021/06/13 5:52 a.m.93 views

CVE-2021-20198

A flaw was found in the OpenShift Installer. During installation of OpenShift Container Platform 4 clusters, bootstrap nodes are provisioned with anonymous authentication enabled on kubelet port 10250. A remote attacker able to reach this port during installation can make unauthenticated /exec...

8.1CVSS3.1AI score0.01833EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/02/08 12:0 a.m.7 views

Red Hat OpenShift Container Platform Access Control Error Vulnerability

Red Hat OpenShift Container Platform is a suite of application platforms from Red Hat, Inc. that enable organizations to develop, deploy, and manage existing container-based applications across physical, virtual, and public cloud infrastructures. An access control error vulnerability exists in Re...

8.1CVSS7.5AI score0.01833EPSS
Exploits0References5
OSV
OSV
added 2020/03/27 3:15 p.m.1 views

DEBIAN-CVE-2020-8551

The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on...

6.5CVSS6.6AI score0.01141EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/03/27 3:15 p.m.25 views

CVE-2020-8551

The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on...

6.5CVSS6.6AI score0.01141EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2020/03/27 2:25 p.m.26 views

CVE-2020-8551

The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on...

6.5CVSS6.5AI score0.01141EPSS
Exploits0
Veracode
Veracode
added 2020/03/25 3:23 a.m.30 views

Denial Of Service (DoS)

github.com/kubernetes/kubernetes is vulnerable to denial of service. A remote attacker is able to crash the application via a malicious request to the unauthenticated HTTP read-only API that is typically served on port 10255, and the authenticated HTTPS API typically served on port 10250...

6.5CVSS1.7AI score0.01141EPSS
Exploits0References8Affected Software1
Kitploit
Kitploit
added 2019/05/28 9:49 p.m.177 views

Kubolt - Utility For Scanning Public Kubernetes Clusters

Kubolt is a simple utility for scanning public unauthinticated kubernetes clusters and run commands inside containers. Why? Sometimes, the kubelet port 10250 is open to unauthorized access and makes it possible to run commands inside the containers using getrun function from kubelet: // getRun...

7.5AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/06/28 12:0 a.m.51 views

Kubernetes unprivileged API access

A remote, unauthenticated attacker is able to leverage API calls to execute commands and scripts or gain shell access via port 10250 https %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid110768; scriptversion"1.5";...

5.6AI score
Exploits0References1
Rows per page
Query Builder