831 matches found
CVE-2026-44849
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...
CVE-2026-44849 Portainer: Endpoint security bypass via Swarm service create/update
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...
EUVD-2026-33063
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...
ROS-20260524-73-0042
Vulnerability in mariadb10.6 related to bugs in security settings. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260524-73-0040
Vulnerability in mariadb11.8 related to bugs in security settings. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260524-73-0041
Vulnerability in mariadb11.4 related to bugs in security settings. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
GHSA-5FXQ-QCF3-244W Portainer has an endpoint security bypass via Swarm service create/update
Summary Portainer enforces seven EndpointSecuritySettings restrictions that administrators configure to restrict the container configurations non-admin users can launch: privileged mode, host PID namespace, device mapping, capabilities, sysctls, security-opt Seccomp / AppArmor, and bind mounts. T...
Portainer has an endpoint security bypass via Swarm service create/update
Summary Portainer enforces seven EndpointSecuritySettings restrictions that administrators configure to restrict the container configurations non-admin users can launch: privileged mode, host PID namespace, device mapping, capabilities, sysctls, security-opt Seccomp / AppArmor, and bind mounts. T...
Security Bulletin: Multiple security vulnerabilities may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms (CVE-2025-14915, CVE-2025-14917, CVE-2025-14923, CVE-2026-1561, CVE-2026-29063).
Summary Multiple security vulnerabilities may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms CVE-2025-14915, CVE-2025-14917, CVE-2025-14923, CVE-2026-1561, CVE-2026-29063. IBM WebSphere Liberty has been updated within TXSeries for Multiplatforms to address these...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in the JoinWorkflowSpec process. An attacker can gain unauthorized access to host networking, override service account assignments, modify pod security contexts, add tolerations, or enable service account token...
JLSEC-2026-427 When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl, changing TLS options in...
When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...
Grafana 安全漏洞
Grafana is a set of open-source monitoring tools developed by Grafana Open Source, which provide a visual monitoring interface. This tool is primarily used for monitoring and analyzing systems such as Graphite, InfluxDB, and Prometheus. Grafana has a security vulnerability that stems from users...
Security Bulletin: IBM WebSphere Application Server Liberty could provide weaker than expected security (CVE-2025-14917)
Summary IBM WebSphere Application Server Liberty could provide weaker than expected security administering security settings when the appSecurity-1.0, appSecurity-2.0, appSecurity-3.0, appSecurity-4.0 or appSecurity-5.0 feature is enabled. Vulnerability Details CVEID:CVE-2025-14917 DESCRIPTION: I...
CVE-2025-14917
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings...
CVE-2025-14917
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings...
CVE-2025-14917 IBM WebSphere Application Server Liberty could provide weaker than expected security
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings...
CVE-2025-14917 IBM WebSphere Application Server Liberty could provide weaker than expected security
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings...
CVE-2025-14917
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings...
CVE-2025-14917
IBM WebSphere Application Server Liberty
IBM WebSphere Application Server Liberty 安全漏洞
IBM WebSphere Application Server Liberty is a Java application server developed by IBM, based on the Open Liberty project. Versions of IBM WebSphere Application Server Liberty 26.0.0.3 and earlier contain security vulnerabilities, which stem from insufficient security provided during the manageme...