31 matches found
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: osv-scanner, clickhouse-operator, flux-helm-controller, newrelic-k8s-metadata-injection, smarter-device-manager, apko, malcontent, victoriametrics-cluster, karpenter, polaris, pluto, smokescreen, grafana-rollout-operator, mountpoint-s3-csi-driver,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: govulncheck, spark-operator, cert-exporter, kube-fluentd-operator, coredns, metrics-agent, zot, cis-operator, mesosphere-vsphere-csi, kubernetes-dashboard-metrics-scraper, nfpm, amazon-cloudwatch-agent-operator, neuvector-scanner, crossplane-provider-azure-storage,...
CLEANSTART-2026-NV36169 Security fixes for CVE-2025-61732, CVE-2025-66564, CVE-2025-68121, CVE-2026-24686, CVE-2026-25679, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, ghsa-fcv2-xgw5-pqxf applied in versions: 0.7.29-r1, 0.7.29-r2
Multiple security vulnerabilities affect the sigstore-scaffolding package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-25679 vulnerabilities
Vulnerabilities for packages: spark-operator, cert-exporter, sbom-scorecard, kube-fluentd-operator, coredns, metrics-agent, cis-operator, azure-ipam, mesosphere-vsphere-csi, kubernetes-dashboard-metrics-scraper, nfpm, amazon-cloudwatch-agent-operator, cert-manager-cmctl, cloud-provider-aws,...
GHSA-J3GX-2473-5FP8 vulnerabilities
Vulnerabilities for packages: spark-operator, cert-exporter, sbom-scorecard, kube-fluentd-operator, coredns, metrics-agent, cis-operator, azure-ipam, mesosphere-vsphere-csi, kubernetes-dashboard-metrics-scraper, nfpm, amazon-cloudwatch-agent-operator, cert-manager-cmctl, cloud-provider-aws,...
CVE-2026-27142 vulnerabilities
Vulnerabilities for packages: blob-csi, prometheus-blackbox-exporter, crossplane-provider-aws-memorydb, libnvidia-container, oauth2-proxy, podinfo, gatekeeper, kserve-rest-proxy, kube-fluentd-operator, minio, crossplane-provider-aws-rds, coredns, lvm-driver, opentelemetry-collector-contrib,...
GHSA-J4J7-VW47-RHFQ vulnerabilities
Vulnerabilities for packages: blob-csi, prometheus-blackbox-exporter, crossplane-provider-aws-memorydb, libnvidia-container, oauth2-proxy, podinfo, gatekeeper, kserve-rest-proxy, kube-fluentd-operator, minio, crossplane-provider-aws-rds, coredns, lvm-driver, opentelemetry-collector-contrib,...
Backstage 日志信息泄露漏洞
Backstage is an open-source application developed by Backstage. It serves as an open platform for building developer portals. Versions of Backstage prior to 3.1.4 contained a vulnerability related to log information leakage. This vulnerability stemmed from malicious scaffolding templates that cou...
CVE-2024-34913
An arbitrary file upload vulnerability in r-pan-scaffolding v5.0 and below allows attackers to execute arbitrary code via uploading a crafted PDF file...
EUVD-2024-2470
Malicious code in bioql PyPI...
EUVD-2024-35107
Malicious code in bioql PyPI...
Malicious code in test-mlw2-clour-heats-nards-scaff (npm)
The package test-mlw2-clour-heats-nards-scaff was found to contain malicious code...
CVE-2024-35255 vulnerabilities
Vulnerabilities for packages: k8sgpt, falcoctl, rook, zarf, argo-events, cluster-autoscaler, fluent-bit-plugin-loki, py3-cassandra-medusa, fulcio, timestamp-authority, ksops, opentelemetry-collector-contrib, tekton-chains, pulumi, grafana-mimir, up, zot, datadog-agent, boring-registry,...
CVE-2024-34913
An arbitrary file upload vulnerability in r-pan-scaffolding v5.0 and below allows attackers to execute arbitrary code via uploading a crafted PDF file...
CVE-2024-34913
An arbitrary file upload vulnerability in r-pan-scaffolding v5.0 and below allows attackers to execute arbitrary code via uploading a crafted PDF file...
CVE-2024-34913
An arbitrary file upload vulnerability in r-pan-scaffolding v5.0 and below allows attackers to execute arbitrary code via uploading a crafted PDF file...
CVE-2024-34913
An arbitrary file upload vulnerability in r-pan-scaffolding v5.0 and below allows attackers to execute arbitrary code via uploading a crafted PDF file...
CVE-2024-34913
The CVE-2024-34913 entry impacts r-pan-scaffolding versions 5.0 and older, where an arbitrary file upload vulnerability allows an attacker to execute arbitrary code by uploading a crafted PDF. The root cause is an improper handling of PDF uploads in the file-upload functionality, enabling code ex...
r-pan-scaffolding 安全漏洞
rubinchu r-pan-scaffolding is a simple file management system from rubinchu that implements file uploading, downloading, moving and other functions. A security vulnerability exists in r-pan-scaffolding v5.0 and earlier versions. An attacker can execute arbitrary code by uploading a specially...
PT-2024-26246 · Unknown · R-Pan-Scaffolding
Name of the Vulnerable Software and Affected Versions: r-pan-scaffolding versions 5.0 and below Description: The issue allows attackers to execute arbitrary code via uploading a crafted PDF file. This is achieved through an arbitrary file upload vulnerability. Recommendations: For versions 5.0 an...