Filter
Software
kubernetes
56
kubernetes ingress-nginx
8
kubernetes kubelet
8
kubernetes minikube
3
kubernetes dashboard
2
kubernetes image builder
2
kubernetes java
2
kubernetes apiserver
1
kubernetes aws-iam-authenticator
1
kubernetes container storage interface snapshotter
1
kubernetes continuous deploy
1
kubernetes csi proxy
1
kubernetes external-provisioner
1
kubernetes external-resizer
1
kubernetes external-snapshotter
1
kubernetes kube-apiserver
1
kubernetes kube-state-metrics
1
kubernetes nginx ingress controller
1
kubernetes operations
1
kubernetes secrets-store-csi-driver
1
[kubernetes] CVE-2025-0426: Node Denial of Service via kubelet Checkpoint API
First published (updated )
[kubernetes] CVE-2024-9042: Command Injection affecting Windows nodes via nodes/*/logs/query API
First published (updated )
[kubernetes] CVE-2024-10220: Arbitrary command execution through gitpo volume
First published (updated )
go/github.com/kubernetes-sigs/image-builderVM images built with Image Builder and Proxmox provider use default credentials
9.8
EPSS
0.07%
First published (updated )
go/github.com/kubernetes-sigs/image-builderVM images built with Image Builder with some providers use default credentials during builds
8.1
EPSS
0.06%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
[kubernetes] CVE-2024-5321: Incorct permissions on Windows containers logs
First published (updated )
redhat openshift container platformCri-o: malicious container can create symlink on host
8.1
EPSS
0.04%
First published (updated )
[kubernetes] CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes
First published (updated )
KubernetesKubernetes - Windows nodes - Insufficient input sanitization in in-tree storage plugin leads to privilege escalation
8.8
First published (updated )
go/k8s.io/kubernetesWindows kube-proxy LoadBalancer contention
6.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/k8s.io/ingress-nginxIngress-nginx `path` sanitization can be bypassed with `log_format` directive
8.8
First published (updated )
go/k8s.io/ingress-nginxIngress nginx annotation injection causes arbitrary command execution
8.8
First published (updated )
go/k8s.io/ingress-nginxCode injection via nginx.ingress.kubernetes.io/permanent-redirect annotation
8.8
First published (updated )
CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations
First published (updated )
Kubernetes OperationsPrivilege Escalation in kOps using GCE/GCP Provider in Gossip Mode
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes Csi ProxyKubernetes - csi-proxy - Insufficient input sanitization leads to privilege escalation
8.8
First published (updated )
[kubernetes] CVE-2023-3955: Insufficient input sanitization on Windows nodes leads to privilege escalation
First published (updated )
[kubernetes] CVE-2023-3676: Insufficient input sanitization on Windows nodes leads to privilege escalation
First published (updated )
go/k8s.io/kubernetesKubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation
8.8
First published (updated )
go/k8s.io/kubernetesKubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes KubeletA security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcemen…
1
First published (updated )
go/k8s.io/kubernetesBypass of seccomp profile enforcement
5.5
First published (updated )
redhat/kube-apiserverBypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin
6.5
First published (updated )
redhat/kube-apiserverBypassing policies imposed by the ImagePolicyWebhook admission plugin
6.5
First published (updated )
Kubernetes secrets-store-csi-driverKubernetes secrets-store-csi-driver discloses service account tokens in logs
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Kubernetes Minikube[minikube] ssh server with default password
8.4
First published (updated )
go/k8s.io/ingress-nginxIngress-nginx `path` sanitization can be bypassed with newline character
7.6
First published (updated )
Kubernetes Minikube[minikube] Network Port exposure in minikube running on macOS using Docker driver
9.8
First published (updated )
go/github.com/kubernetes/kubernetesNode address isn't always verified when proxying
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.