Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

747 matches found

VMware
VMwareadded 2021/02/09 12:0 a.m.41 views

VMSA-2021-0001:vSphere Replication updates address a command injection vulnerability

Advisory ID: VMSA-2021-0001 CVSSv3 Range: 7.2 Issue Date:2021-02-11 Updated On: 2021-02-11 Initial Advisory CVEs: CVE-2021-21976 Synopsis: vSphere Replication updates address a command injection vulnerability CVE-2021-21976 RSS Feed Download PDF Download Text File Share this page on social media:...

7.2CVSS7.9AI score0.02074EPSS
Exploits0References18Affected Software1
RedHat Linux
RedHat Linuxadded 2020/12/14 1:11 p.m.51 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.6.8 security and packages update

Red Hat OpenShift Container Platform release 4.6.8 is now available with updates to packages and images that fix several bugs. An update for ironic-images, openshift, openshift-ansible, openshift-clients, and python-eventlet, cri-o, openshift-kuryr, python-pyroute2 is now available for Red Hat...

5.5CVSS6.4AI score0.00505EPSS
Exploits0References3
RedHat Linux
RedHat Linuxadded 2020/12/14 1:11 p.m.1 views

kubernetes: Secret leaks in kube-controller-manager when using vSphere Provider

A flaw was found in kubernetes. Clusters running on VSphere, using VSphere as a cloud provider a with logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log...

5.5CVSS6.8AI score0.00505EPSS
Exploits0References6
Microsoft CVE
Microsoft CVEadded 2020/12/09 12:0 a.m.2 views

Secret leaks in logs for vSphere Provider kube-controller-manager

...

5.5CVSS7AI score0.00505EPSS
Exploits0
NVD
NVDadded 2020/12/07 10:15 p.m.19 views

CVE-2020-8563

In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log. This affects v1.19.3...

5.5CVSS4.7AI score0.00505EPSS
Exploits0References3
OSV
OSVadded 2020/12/07 10:15 p.m.20 views

CVE-2020-8563

In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log. This affects v1.19.3...

5.5CVSS6.5AI score
Exploits0References3
UbuntuCve
UbuntuCveadded 2020/12/07 10:15 p.m.20 views

CVE-2020-8563

In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log. This affects v1.19.3...

5.5CVSS6.6AI score0.00505EPSS
Exploits0References4
Prion
Prionadded 2020/12/07 10:15 p.m.20 views

Code injection

In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log. This affects v1.19.3...

2.1CVSS5.3AI score0.00505EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2020/12/07 10:15 p.m.2 views

UBUNTU-CVE-2020-8563

In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log. This affects v1.19.3...

5.5CVSS6.9AI score0.00505EPSS
Exploits0References5
CVE
CVEadded 2020/12/07 10:0 p.m.246 views

CVE-2020-8563

CVE-2020-8563 describes a local-information leak in Kubernetes clusters using the vSphere cloud provider: when kube-controller-manager runs with logLevel >= 4, VSphere credentials can be written to logs. The issue affects Kubernetes versions prior to 1.19.3 (as stated in the description). Conn...

5.5CVSS5AI score0.00505EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2020/12/07 10:0 p.m.28 views

CVE-2020-8563 Secret leaks in logs for vSphere Provider kube-controller-manager

In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log. This affects v1.19.3...

4.7CVSS5.1AI score0.00505EPSS
Exploits0References3
Debian CVE
Debian CVEadded 2020/12/07 10:0 p.m.23 views

CVE-2020-8563

In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log. This affects v1.19.3...

5.5CVSS5.2AI score0.00505EPSS
Exploits0
GitLab Advisory Database
GitLab Advisory Databaseadded 2020/12/07 12:0 a.m.24 views

Inclusion of Sensitive Information in Log Files

In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log...

5.5CVSS2.5AI score0.00505EPSS
Exploits0References1Affected Software1
OSV
OSVadded 2020/11/05 8:15 p.m.3 views

CVE-2020-5939

In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.3, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, and 13.1.0-13.1.3.4, BIG-IP Virtual Edition VE systems on VMware, with an Intel-based 85299 Network Interface Controller NIC card and Single Root I/O Virtualization SR-IOV enabled on vSphere, may fail and leave the...

7.5CVSS7.1AI score0.01002EPSS
Exploits0References1
Cvelist
Cvelistadded 2020/11/05 7:14 p.m.22 views

CVE-2020-5939

In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.3, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, and 13.1.0-13.1.3.4, BIG-IP Virtual Edition VE systems on VMware, with an Intel-based 85299 Network Interface Controller NIC card and Single Root I/O Virtualization SR-IOV enabled on vSphere, may fail and leave the...

7.5AI score0.01002EPSS
Exploits0References1
OSV
OSVadded 2020/11/05 3:15 p.m.2 views

CVE-2020-27688

RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt passwords to be used in the configuration files. This encryption used a static IV and key, and thus using the Decrypt method from VISKD.cs from the RVTools.exe executable allows for decrypting the encrypted passwords. The...

7.5CVSS5.8AI score0.01923EPSS
Exploits0References2
NVD
NVDadded 2020/11/05 3:15 p.m.12 views

CVE-2020-27688

RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt passwords to be used in the configuration files. This encryption used a static IV and key, and thus using the Decrypt method from VISKD.cs from the RVTools.exe executable allows for decrypting the encrypted passwords. The...

7.5CVSS7.4AI score0.01923EPSS
Exploits0References2
Prion
Prionadded 2020/11/05 3:15 p.m.37 views

Design/Logic Flaw

RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt passwords to be used in the configuration files. This encryption used a static IV and key, and thus using the Decrypt method from VISKD.cs from the RVTools.exe executable allows for decrypting the encrypted passwords. The...

5CVSS7.4AI score0.01923EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2020/11/05 2:59 p.m.52 views

CVE-2020-27688

RVTools 4.0.6 is affected by CVE-2020-27688: RVToolsPasswordEncryption.exe uses a static IV and key for encryption, and the Decrypt() method in VISKD.cs within RVTools.exe can decrypt the stored passwords. This creates a risk that passwords in configuration files could be recovered by anyone with...

7.5CVSS7.4AI score0.01923EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2020/11/05 2:59 p.m.18 views

CVE-2020-27688

RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt passwords to be used in the configuration files. This encryption used a static IV and key, and thus using the Decrypt method from VISKD.cs from the RVTools.exe executable allows for decrypting the encrypted passwords. The...

7.4AI score0.01923EPSS
Exploits0References2
Rows per page
Query Builder