Filter
AND
Software
linuxfoundation dex
3
linuxfoundation cubefs
2
linuxfoundation osquery
2
linuxfoundation besu
1
linuxfoundation ceph
1
linuxfoundation dragonfly go
1
linuxfoundation edge virtualization engine
1
linuxfoundation longhorn
1
linuxfoundation loopback-connector-postgresql
1
linuxfoundation modular open smart network
1
linuxfoundation onnx
1
linuxfoundation pytorch
1
linuxfoundation rocket chip generator
1
linuxfoundation runc
1
linuxfoundation spinnaker
1
linuxfoundation the update framework
1
linuxfoundation tremor
1
linuxfoundation tremor-script
1
linuxfoundation zowe api mediation layer
1
Yocto ProjectYocto Project Security Advisory - BitBake/Toaster
9.8
EPSS
0.04%
First published (updated )
FedoraVersions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the…
9.1
EPSS
0.04%
First published (updated )
go/d7y.io/dragonfly/v2Dragonfly2 vulnerable to hard coded cyptographic key
9.8
First published (updated )
Linuxfoundation Zowe Api Mediation LayerHealth endpoint offers list of onboarded services to unauthenticated users
EPSS
0.05%
First published (updated )
npm/@backstage/plugin-scaffolder-backendInsecure sandbox in Backstage Scaffolder plugin
9.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Linuxfoundation PytorchCode Injection, Command Injection
9.8
First published (updated )
Linuxfoundation SpinnakerImproper Access Control in spinnaker
10
First published (updated )
containerdImproper Preservation of Permissions in containerd
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
pip/tufTUF (aka The Update Framework) through 0.12.1 has Improper Verification of a Cryptographic Signature…
9.8
First published (updated )
Argo CDCluster secret might leak in cluster details page in Argo CD
9.9
First published (updated )
Linuxfoundation Edge Virtualization EngineFreely Allocate Buffer on The Stack With Data From Socket
9.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Argo CDExternal URLs for Deployments can include javascript in argo-cd
First published (updated )
Argo CDArgo CD users with any cluster secret update access may update out-of-bounds cluster secrets
9.1
First published (updated )
Argo CDImproper access control allows admin privilege escalation in Argo CD
9.9
First published (updated )
Argo CDArgo CD will blindly trust JWT claims if anonymous access is enabled
10
First published (updated )
Argo CDAll unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control …
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Argo CDArgo CD's certificate verification is skipped for connections to OIDC providers
9.6
First published (updated )
go/github.com/cubefs/cubefsInsecure random string generator used for sensitive data
9.8
First published (updated )
go/github.com/cubefs/cubefsCubeFS leaks magic secret key when starting Blobstore access service
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-1010245Input Validation, OS Command Injection
9.8
First published (updated )
Linuxfoundation OsqueryIn some configurations an attacker can inject a new executable path into the extensions.load file fo…
9.3
First published (updated )
redhat/dexA vulnerability exist in the SAML connector of the github.com/dexidp/dex library used to process SAM…
9.8
First published (updated )
go/github.com/nats-io/nats-server/v2The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.