618 matches found
CVE-2026-41178 vulnerabilities
Vulnerabilities for packages: crossplane-provider-azure-relay, azurefile-csi-fips, datadog-agent, kubescape-server-fips, traefik-fips, art, authentik, authentik-fips, argo-workflows-fips, tw, zarf, docker-fips, flux-image-automation-controller-fips, grafana-pyroscope-fips, dapr-fips,...
GHSA-5WRP-CWCJ-Q835 vulnerabilities
Vulnerabilities for packages: crossplane-provider-azure-relay, azurefile-csi-fips, datadog-agent, kubescape-server-fips, traefik-fips, art, authentik, authentik-fips, argo-workflows-fips, tw, zarf, docker-fips, flux-image-automation-controller-fips, grafana-pyroscope-fips, dapr-fips,...
terraform-aws-wafacl-golden
terraform-aws-wafacl-golden !Terraformhttps://img.shields...
CVE-2026-7428
Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...
aks-poc-setup
AKS Production-Grade POC Setup A comprehensive, production-re...
CLEANSTART-2026-PT56560 Security fixes for CVE-2026-1229, CVE-2026-32952, CVE-2026-33186, CVE-2026-39882, CVE-2026-39883, ghsa-w8rr-5gcm-pp58, ghsa-xmrv-pmrh-hhx2 applied in versions: 1.14.8-r0, 1.14.8-r1, 1.15.1-r0
Multiple security vulnerabilities affect the terraform package. These issues are resolved in later releases. See references for individual vulnerability details...
EUVD-2026-29438
Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...
CVE-2026-7428
Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...
CVE-2026-7428
Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...
CVE-2026-7428 Insecure default administrative credentials in AlloyDB for PostgreSQL
Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...
CVE-2026-7428
CVE-2026-7428 affects Google Cloud AlloyDB for PostgreSQL. The vulnerability stems from insecure default administrative credentials that could be created by well-intended Terraform or REST API users before 2025-11-03, enabling a remote attacker to gain full administrative access to the database. ...
CVE-2026-7428 Insecure default administrative credentials in AlloyDB for PostgreSQL
Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...
PT-2026-39995
Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...
SUSE SLES15 Security Update : terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provider-local, terraform-provider-random, terraform-provider-tls (SUSE-SU-2026:1763-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1763-1 advisory. - CVE-2025-22869: golang.org/x/crypto/ssh: denial of service when clients do not complete the key exchange in SSH servers which implement fi...
Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise
A previously undocumented Linux implant codenamed Quasar Linux RAT QLNX is targeting developers' systems to establish a silent foothold as well as facilitate a broad range of post-compromise functionality, such as credential harvesting, keylogging, file manipulation, clipboard monitoring, and...
Security update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provid
This update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issues: CVE-2025-2286...
SUSE-SU-2026:1763-1 Security update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provider-local, terraform-provider-random, terraform-provider-tls
This update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issues: -...
PT-2026-35172
3/4 Nation-states already weaponizing it: • Chinese APT29 Cozy Bear chaining poisoned Terraform for gov/defense persistence • Russian GRU targeting CNAPP layers in EU energy/finance 🚨 Terraform Enterprise RCE zero-day CVE-2026-81234 actively exploited & just added to CISA KEV today!...
CVE-2026-32952 vulnerabilities
Vulnerabilities for packages: flux-source-controller, cert-manager-istio-csr-fips, harbor, percona-server-mongodb-operator, nuclei, cert-manager-openshift-routes, openbao, seaweedfs, agentbeat-fips, seaweedfs-rocksdb-fips, kyverno, cert-manager-openshift-routes-fips, frp, xeol, packer, neuvector,...
AZL-9179 CVE-2018-9057 for package terraform is not applicable
This CVE either no longer is or was never applicable...