Lucene search
K

56 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-2502

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.01773EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 6:55 a.m.9 views

CVE-2019-10285

Jenkins Minio Storage Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

8.8CVSS6.7AI score0.01773EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.32 views

CBL Mariner 2.0 Security Update: kubernetes (CVE-2023-5528)

The version of kubernetes installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5528 advisory. - A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on...

8.8CVSS7.6AI score0.03578EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/20 5:46 p.m.25 views

Security Bulletin: IBM Cloud Pak for Data Scheduling is vulnerable to remote authentication attack due to Kubernetes Scheduler code ( CVE-2023-5528 )

Summary Kubernetes Scheduler code is used by IBM Cloud Pak for Data Scheduling as part of the scheduling binaries. CVE-2023-5528. Vulnerability Details CVEID:CVE-2023-5528 DESCRIPTION: Kubernetes kubelet could allow a remote authenticated attacker to gain elevated privileges on the system, caused...

8.8CVSS7.7AI score0.03578EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/03/06 5:15 p.m.14 views

CVE-2024-28174

In JetBrains TeamCity before 2023.11.4 presigned URL generation requests in S3 Artifact Storage plugin were authorized improperly...

5.8CVSS5.7AI score0.00336EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/06 12:0 a.m.5 views

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. JetBrains TeamCity has an authorization issue...

5.8CVSS7AI score0.00336EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/06 12:0 a.m.9 views

PT-2024-2098 · Jetbrains · Teamcity

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2023.11.4 Description: The issue is related to improper authorization of presigned URL generation requests in the S3 Artifact Storage plugin. This could allow a remote attacker to bypass existing security...

5.8CVSS7.3AI score0.00336EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/02/05 12:0 a.m.6 views

PT-2024-20674 · Jetbrains · Teamcity

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2023.11.2 Description: The issue is related to missing access control at the S3 Artifact Storage plugin endpoint. This could potentially allow unauthorized access. Recommendations: For versions prior to...

5.3CVSS5.1AI score0.00307EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/01/30 12:0 a.m.4 views

Hitachi Storage Plug-in for VMware vCenter Security Vulnerability

Hitachi Storage Plug-in for VMware vCenter is a plug-in from Hitachi, Japan. It allows integrated management of Hitachie storage systems in vCenter. A security vulnerability exists in Hitachi Storage Plug-in versions 04.0.0 through 04.9.2, which stems from incorrect default permissions...

7.9CVSS6.8AI score0.00142EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2023/11/15 6:34 p.m.36 views

CVE-2023-5528

A flaw was found in Kubernetes, where a user who can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes...

8.8CVSS7.4AI score0.03578EPSS
Exploits0References4
OSV
OSV
added 2023/11/14 9:31 p.m.17 views

GHSA-HQ6Q-C2X6-HMCH Kubernetes Improper Input Validation vulnerability

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes...

8.8CVSS8.7AI score0.03578EPSS
Exploits0References13
Github Security Blog
Github Security Blog
added 2023/11/14 9:31 p.m.39 views

Kubernetes Improper Input Validation vulnerability

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes...

8.8CVSS7.1AI score0.03578EPSS
Exploits0References13Affected Software1
NVD
NVD
added 2023/11/14 9:15 p.m.26 views

CVE-2023-5528

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes...

8.8CVSS0.03578EPSS
Exploits0References6
OSV
OSV
added 2023/11/14 9:15 p.m.7 views

AZL-34894 CVE-2023-5528 affecting package kubernetes for versions less than 1.28.7-2

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes...

8.8CVSS7.1AI score0.03578EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/11/14 9:15 p.m.42 views

CVE-2023-5528

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes...

8.8CVSS7AI score0.03578EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/11/14 8:32 p.m.219 views

CVE-2023-5528 Kubernetes - Windows nodes - Insufficient input sanitization in in-tree storage plugin leads to privilege escalation

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes...

7.2CVSS8.9AI score0.03578EPSS
Exploits0References2
OSV
OSV
added 2023/11/14 8:32 p.m.22 views

CVE-2023-5528 Kubernetes - Windows nodes - Insufficient input sanitization in in-tree storage plugin leads to privilege escalation

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes...

7.2CVSS7AI score0.03578EPSS
Exploits0References9
Kubernetes Security Advisories
Kubernetes Security Advisories
added 2023/11/14 3:54 p.m.5 views

Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes

CVSS Rating: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H - HIGH 7.2 A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they ar...

8.8CVSS6.9AI score0.03578EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2023/10/17 12:0 a.m.5 views

Apache Traffic Server 信息泄露漏洞

Apache Traffic Server ATS is the United States Apache Apache Foundation's set of scalable HTTP proxy and caching server. Apache Traffic Server suffers from an information disclosure vulnerability that stems from the application exposing sensitive information and is vulnerable to HTTP/2 and s3...

7.5CVSS6.2AI score0.0122EPSS
Exploits0References7
Veracode
Veracode
added 2022/06/16 8:2 a.m.18 views

Information Disclosure

org.rundeck:rundeck is vulnerable to information disclosure. A faulty mechanism in key storage converter plugin may cause credentials to be written in plaintext to the backend storage, which allows remote attackers to gain access to confidential keys and passwords...

7.5CVSS7.2AI score0.00634EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder