Filters
Software
linuxfoundation argo-cd
7
linuxfoundation dex
3
linuxfoundation cubefs
2
linuxfoundation nats-server
2
linuxfoundation osquery
2
linuxfoundation argo continuous delivery
1
linuxfoundation backstage
1
linuxfoundation besu
1
linuxfoundation ceph
1
linuxfoundation containerd
1
linuxfoundation dojo
1
linuxfoundation edge virtualization engine
1
linuxfoundation foomatic-filters
1
linuxfoundation longhorn
1
linuxfoundation loopback-connector-postgresql
1
linuxfoundation modular open smart network
1
linuxfoundation pytorch
1
linuxfoundation rocket chip generator
1
linuxfoundation runc
1
linuxfoundation spinnaker
1
linuxfoundation the update framework
1
linuxfoundation tremor
1
linuxfoundation tremor-script
1
go/github.com/cubefs/cubefsCubeFS leaks magic secret key when starting Blobstore access service
9.8
First published (updated )
go/github.com/cubefs/cubefsInsecure random string generator used for sensitive data
9.8
First published (updated )
Linuxfoundation Edge Virtualization EngineFreely Allocate Buffer on The Stack With Data From Socket
9.9
First published (updated )
go/github.com/argoproj/argo-cd/v2Cluster secret might leak in cluster details page in Argo CD
9.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Linuxfoundation Modular Open Smart NetworkAuthentication vulnerability in MOSN v.0.23.0 allows attacker to escalate privileges via case-sensit…
9.8
First published (updated )
Linuxfoundation Argo-cdArgo CD users with any cluster secret update access may update out-of-bounds cluster secrets
9.1
First published (updated )
Linuxfoundation Argo-cdJWT audience claim is not verified
9.1
First published (updated )
Linuxfoundation PytorchCode Injection, Command Injection
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Linuxfoundation DexOAuth authorization code exposure in Dex
9.3
First published (updated )
Linuxfoundation BesuIncorrect Conversion between Numeric Types in Besu Ethereum Client
9.1
First published (updated )
Linuxfoundation Loopback-connector-postgresqlloopback-connector-postgresql Vulnerable to Improper Sanitization of `contains` Filter
10
First published (updated )
ubuntu/cephA flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to …
9.1
First published (updated )
Linuxfoundation Rocket Chip GeneratorRocket-Chip commit 4f8114374d8824dfdec03f576a8cd68bebce4e56 was discovered to contain insufficient c…
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Linuxfoundation Argo-cdArgo CD's certificate verification is skipped for connections to OIDC providers
9.6
First published (updated )
Linuxfoundation Argo-cdAll unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control …
First published (updated )
Linuxfoundation Argo-cdExternal URLs for Deployments can include javascript in argo-cd
First published (updated )
Linuxfoundation Argo-cdArgo CD will blindly trust JWT claims if anonymous access is enabled
10
First published (updated )
Linuxfoundation Argo-cdImproper access control allows admin privilege escalation in Argo CD
9.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Linuxfoundation ContainerdImproper Preservation of Permissions in containerd
9.1
First published (updated )
Linuxfoundation SpinnakerImproper Access Control in spinnaker
10
First published (updated )
Linuxfoundation LonghornHost operations allowed in privileged Longhorn managed pods
9.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Linuxfoundation TremorMemory Safety Issue when using patch or merge on state and assign the result back to state
9.8
First published (updated )
Linuxfoundation DexCritical security issues in XML encoding in Dex
9.6
First published (updated )
redhat/dexA vulnerability exist in the SAML connector of the github.com/dexidp/dex library used to process SAM…
9.8
First published (updated )
go/github.com/nats-io/nats-server/v2The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired…
9.8
First published (updated )
Linuxfoundation OsqueryIncorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could …
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
pip/tufTUF (aka The Update Framework) through 0.12.1 has Improper Verification of a Cryptographic Signature…
9.8
First published (updated )
CVE-2019-1010245Input Validation, OS Command Injection
9.8
First published (updated )
Linuxfoundation OsqueryIn some configurations an attacker can inject a new executable path into the extensions.load file fo…
9.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.