CVE-2026-27136 affecting package kubernetes for versions less than 1.30.10-25

CVE-2026-27136 affecting package kubernetes for versions less than 1.30.10-25. A patched version of the package is available...

CVE-2026-42506 affecting package kubernetes for versions less than 1.30.10-25

CVE-2026-42506 affecting package kubernetes for versions less than 1.30.10-25. A patched version of the package is available...

CVE-2026-39834 affecting package kubernetes for versions less than 1.30.10-25

CVE-2026-39834 affecting package kubernetes for versions less than 1.30.10-25. A patched version of the package is available...

CVE-2026-39829 affecting package kubernetes for versions less than 1.30.10-25

CVE-2026-39829 affecting package kubernetes for versions less than 1.30.10-25. A patched version of the package is available...

CVE-2026-35469 affecting package kubernetes for versions less than 1.30.10-23

CVE-2026-35469 affecting package kubernetes for versions less than 1.30.10-23. A patched version of the package is available...

AZL-77013 CVE-2025-58190 affecting package kubernetes 1.30.10-20

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...

AZL-77016 CVE-2025-47911 affecting package kubernetes 1.30.10-20

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...

CVE-2025-13281 affecting package kubernetes for versions less than 1.30.10-18

CVE-2025-13281 affecting package kubernetes for versions less than 1.30.10-18. A patched version of the package is available...

Kimai contains a SameSite cookie vulnerability

Kimai 1.30.10 contains a SameSite cookie vulnerability that allows attackers to steal user session cookies through malicious exploitation. Attackers can trick victims into executing a crafted PHP script that captures and writes session cookie information to a file, enabling potential session...

kimai 安全漏洞

kimai is a web-based multi-user time tracking application by the individual developer of kimai. A security vulnerability exists in kimai version 1.30.10, which stems from an improper implementation of the SameSite cookie and could lead to session hijacking...

PT-2025-52527

Name of the Vulnerable Software and Affected Versions Kimai version 1.30.10 Description Kimai version 1.30.10 has a SameSite cookie flaw that allows attackers to steal user session cookies. Attackers can trick victims into executing a crafted PHP script that captures and writes session cookie...

CVE-2025-52565 affecting package kubernetes for versions less than 1.30.10-15

CVE-2025-52565 affecting package kubernetes for versions less than 1.30.10-15. A patched version of the package is available...

CVE-2025-30204 affecting package kubernetes for versions less than 1.30.10-4

CVE-2025-30204 affecting package kubernetes for versions less than 1.30.10-4. A patched version of the package is available...

Authorization

A vulnerability was found in KylinSoft kylin-activation on KylinOS and classified as critical. Affected by this issue is some unknown functionality of the component File Import. The manipulation leads to improper authorization. The attack needs to be approached locally. The exploit has been...

PT-2023-16792 · Unknown · Kylin-Activation

Name of the Vulnerable Software and Affected Versions: kylin-activation versions prior to 1.3.11-23 and 1.30.10-5.p23 Description: A critical issue was found in the File Import component of kylin-activation, leading to improper authorization. The attack must be approached locally. The exploit has...