Filter
AND

go/d7y.io/dragonfly/v2Dragonfly2 vulnerable to hard coded cyptographic key

First published (updated )

Linuxfoundation Zowe Api Mediation LayerHealth endpoint offers list of onboarded services to unauthenticated users

EPSS
0.05%
First published (updated )

Linuxfoundation BackstageInsecure sandbox in Backstage Scaffolder plugin

First published (updated )

Linuxfoundation PytorchCode Injection, Command Injection

First published (updated )

Linuxfoundation Tremor-scriptUse After Free

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Linuxfoundation SpinnakerImproper Access Control in spinnaker

First published (updated )

Linuxfoundation ContainerdImproper Preservation of Permissions in containerd

First published (updated )

Linuxfoundation RuncOS Command Injection

First published (updated )

pip/tufTUF (aka The Update Framework) through 0.12.1 has Improper Verification of a Cryptographic Signature…

First published (updated )

go/github.com/argoproj/argo-cd/v2Cluster secret might leak in cluster details page in Argo CD

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Linuxfoundation Nats-serverPath Traversal

First published (updated )

Linuxfoundation Edge Virtualization EngineFreely Allocate Buffer on The Stack With Data From Socket

First published (updated )

Oracle Primavera UnifierPrototype Pollution

First published (updated )

Linuxfoundation Argo-cdExternal URLs for Deployments can include javascript in argo-cd

First published (updated )

Linuxfoundation Argo-cdArgo CD users with any cluster secret update access may update out-of-bounds cluster secrets

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Linuxfoundation Argo-cdImproper access control allows admin privilege escalation in Argo CD

First published (updated )

Linuxfoundation Argo-cdArgo CD will blindly trust JWT claims if anonymous access is enabled

First published (updated )

Linuxfoundation Argo-cdAll unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control …

First published (updated )

Linuxfoundation Argo-cdArgo CD's certificate verification is skipped for connections to OIDC providers

First published (updated )

Linuxfoundation Argo-cdJWT audience claim is not verified

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

go/github.com/cubefs/cubefsInsecure random string generator used for sensitive data

First published (updated )

go/github.com/cubefs/cubefsCubeFS leaks magic secret key when starting Blobstore access service

First published (updated )

Redhat Enterprise Linux Server EusBuffer Overflow

First published (updated )

CVE-2019-1010245Input Validation, OS Command Injection

First published (updated )

CVE-2019-1010234Input Validation

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Linuxfoundation OsqueryIn some configurations an attacker can inject a new executable path into the extensions.load file fo…

First published (updated )

redhat/dexA vulnerability exist in the SAML connector of the github.com/dexidp/dex library used to process SAM…

First published (updated )

go/github.com/nats-io/nats-server/v2The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired…

First published (updated )

Linuxfoundation DexCritical security issues in XML encoding in Dex

First published (updated )

Linuxfoundation OsqueryIncorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could …

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203