CVE-2026-41184

In Calico, the install-cni init container logs the rendered CNI configuration and, when the template uses the SERVICEACCOUNT_TOKEN placeholder (Canal/Flannel-Calico deployments), substitutes the live Kubernetes ServiceAccount bearer token for logging. This exposes the token to any authenticated u...

UBUNTU-CVE-2024-36976

In the Linux kernel, the following vulnerability has been resolved: Revert "media: v4l2-ctrls: show all owned controls in logstatus" This reverts commit 9801b5b28c6929139d6fceeee8d739cc67bb2739. This patch introduced a potential deadlock scenario: Wed May 8 10:02:06 2024 Possible unsafe locking...

CVE-2020-8554

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status which is considered a privileged operation and should not...

120.35.29.73 XSS vulnerability

Vulnerable URL: http://120.35.29.73:81/WaiLianService/json/bjtjjson.jsp?callback=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknow...