CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

263 matches found

Snyk•added 2026/02/12 10:6 p.m.•4 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the overrides.yoke.cd/flight annotation, which allows a user-supplied URL to be used directly by the controller without validation. An attacker can execute arbitrary code within the controller context by...

8.8CVSS6.2AI score0.0006EPSS

Exploits1References2

SUSE CVE•added 2026/02/07 12:24 a.m.•8 views

SUSE CVE-2026-24514

A security issue was discovered in ingress-nginx where the validating admission controller feature is subject to a denial of service condition. By sending large requests to the validating admission controller, an attacker can cause memory consumption, which may result in the ingress-nginx...

6.5CVSS5.4AI score0.00019EPSS

Exploits1References3

RedhatCVE•added 2026/02/05 1:22 a.m.•5 views

CVE-2026-24514

6.5CVSS5.4AI score0.00019EPSS

Exploits1References1

Github Security Blog•added 2026/02/04 12:30 a.m.•6 views

ingress-nginx vulnerable to Allocation of Resources Without Limits or Throttling

6.5CVSS5.5AI score0.00019EPSS

Exploits1References3Affected Software1

OSV•added 2026/02/03 11:16 p.m.•1 views

CVE-2026-24514

6.5CVSS5.8AI score0.00019EPSS

Exploits1References1

NVD•added 2026/02/03 11:16 p.m.•5 views

CVE-2026-24514

6.5CVSS0.00019EPSS

Exploits1References1

Snyk•added 2026/02/03 10:55 p.m.•5 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the validating admission controller feature. An attacker can exhaust system memory resources by sending large requests, potentially causing the controller pod to be terminated or...

7.1CVSS5.5AI score0.00019EPSS

Exploits1References2

Cvelist•added 2026/02/03 10:17 p.m.•33 views

CVE-2026-24514 ingress-nginx Admission Controller denial of service

6.5CVSS0.00019EPSS

Exploits1References1

ATTACKERKB•added 2026/02/03 10:17 p.m.•8 views

CVE-2026-24514

6.5CVSS5.4AI score0.00019EPSS

Exploits1References2

Fedora•added 2025/11/29 4:49 p.m.•5 views

[SECURITY] Fedora 43 Update: unbound-1.24.2-1.fc43

Unbound is a validating, recursive, and caching DNSSEC resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modula...

7.1CVSS6.3AI score0.00068EPSS

Exploits0

Github Security Blog•added 2025/11/06 11:35 p.m.•7 views

KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes

Summary The permissions granted to the virt-handler service account, such as the ability to update VMI and patch nodes, could be abused to force a VMI migration to an attacker-controlled node. Details Following the GitHub security advisory published on March 23 2023, a ValidatingAdmissionPolicy w...

6.9CVSS5.5AI score0.00104EPSS

Exploits1References3Affected Software1

Fedora•added 2025/11/01 1:42 a.m.•5 views

[SECURITY] Fedora 43 Update: unbound-1.24.1-1.fc43

7.1CVSS7AI score0.00068EPSS

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-0372

Malware in sbrugna...

9CVSS8.6AI score0.01256EPSS

Exploits1References9

Fedora•added 2025/08/06 1:56 a.m.•3 views

[SECURITY] Fedora 41 Update: unbound-1.23.1-1.fc41

8.7CVSS7.3AI score0.00235EPSS

Exploits0

RedhatCVE•added 2025/05/23 2:45 a.m.•1 views

CVE-2023-21667

Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard...

6.5CVSS6.9AI score0.00082EPSS

Exploits0References1

Snyk•added 2025/03/24 11:43 p.m.•4 views

Improper Isolation or Compartmentalization

Overview Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization in the Validating Admission Controller feature. An attacker with access to the pod network can execute code, which allows them to access stored secrets. By default, the controller can access al...

9.8CVSS7.4AI score0.9113EPSS

Exploits20References2

Snyk•added 2025/03/24 11:43 p.m.•4 views

Improper Isolation or Compartmentalization

9.8CVSS7.4AI score0.9113EPSS

Exploits20References2

Snyk•added 2025/03/24 11:43 p.m.•4 views

Improper Isolation or Compartmentalization

9.8CVSS7.4AI score0.9113EPSS

Exploits20References2

RedHat Linux•added 2025/03/20 4:53 a.m.•3 views

Important: Red Hat Security Advisory: Gatekeeper v3.18.0

Gatekeeper v3.18.0 Gatekeeper v3.18.0 Gatekeeper is a validating webhook with auditing capabilities that can enforce custom resource definition-based policies that are run with the Open Policy Agent OPA. Gatekeeper is supported through a Red Hat Advanced Cluster Management for Kubernetes...

7.5CVSS6.6AI score0.00607EPSS

Exploits0References8

CVE•added 2024/11/22 9:0 p.m.•39 views

CVE-2024-9732

CVE-2024-9732 describes a remote code execution in Tungsten Automation Power PDF caused by a Use-After-Free in XPS file parsing. The issue stems from not validating an object's existence before performing operations, allowing an attacker who entices a target to open a malicious XPS file or visit ...

7.8CVSS8AI score0.00887EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by