Lucene search
K

11 matches found

EUVD
EUVD
added 2026/07/02 8:42 a.m.7 views

EUVD-2026-41271

A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...

4.3CVSS5.8AI score0.00212EPSS
Exploits0References1
NVD
NVD
added 2026/05/29 4:16 p.m.17 views

CVE-2026-10101

ACM/MCE assisted-service writes raw referenced pull-secret contents into InfraEnv.status.conditions.message when pull-secret validation fails. A namespace principal with the stock view ClusterRole cannot directly read Secrets, but can read InfraEnv objects and recover the referenced Secret's...

6.3CVSS0.00182EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/14 9:30 p.m.5 views

CVE-2026-34984

A flaw was found in External Secrets Operator. An attacker with the ability to create or update templated ExternalSecret resources can exploit a vulnerability in the v2 template engine. This flaw allows the attacker to use the getHostByName function to perform controller-side DNS lookups, leading...

7.1CVSS5.7AI score0.00262EPSS
Exploits0References6
NVD
NVD
added 2026/01/02 3:16 p.m.8 views

CVE-2025-54166

An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following versions: QTS...

6.9CVSS0.00285EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-10253

Malware in sbrugna...

5.9CVSS5.5AI score0.00232EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-54131

Malicious code in bioql PyPI...

9.1CVSS6.4AI score0.00876EPSS
Exploits1References3
CVE
CVE
added 2025/10/03 6:11 p.m.9 views

CVE-2025-52429

CVE-2025-52429 affects QNAP QTS and QuTS hero. The issue is a use of externally-controlled format string in the OS, which an administrator-authenticated remote attacker could exploit to access secret data or modify memory. Affected products/versions: QTS prior to 5.2.6.3195 (build 20250715) and Q...

6.5CVSS6.5AI score0.00339EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2021/09/14 4:15 p.m.6 views

CVE-2021-41077

The activation process in Travis CI, for certain 2021-09-03 through 2021-09-10 builds, causes secret data to have unexpected sharing that is not specified by the customer-controlled .travis.yml file. In particular, the desired behavior if .travis.yml has been created locally by a customer, and...

7.5CVSS5.7AI score0.01485EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2021/09/14 4:15 p.m.3 views

CVE-2021-41077

The activation process in Travis CI, for certain 2021-09-03 through 2021-09-10 builds, causes secret data to have unexpected sharing that is not specified by the customer-controlled .travis.yml file. In particular, the desired behavior if .travis.yml has been created locally by a customer, and...

7.5CVSS7.3AI score0.01485EPSS
Exploits0References7
OSV
OSV
added 2018/12/13 2:29 p.m.4 views

CVE-2018-8033

In Apache OFBiz 16.11.01 to 16.11.04, the OFBiz HTTP engine org.apache.ofbiz.service.engine.HttpEngine.java handles requests for HTTP services via the /webtools/control/httpService endpoint. Both POST and GET requests to the httpService endpoint may contain three parameters: serviceName,...

7.5CVSS5.8AI score0.25743EPSS
Exploits0References1
Broadcom
Broadcom
added 2017/09/29 12:0 a.m.9 views

BSA-2017-435

Security Advisory ID : BSA-2017-435 Component : Apache HTTPD Revision : 3.0: Final Apachehttpdallows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccessfile, or ifhttpd.confhas certain misconfigurations, akaOptionsbleed. This affects th...

7.5CVSS9.5AI score0.94999EPSS
Exploits9
Rows per page
Query Builder