Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kubernetes kubernetes vulnerabilities and exploits
(subscribe to this query)
703
VMScore
CVE-2020-26278
Weave Net is open source software which creates a virtual network that connects Docker containers across multiple hosts and enables their automatic discovery. Weave Net before version 2.8.0 has a vulnerability in which can allow an malicious user to take over any host in the clus...
Weave Weave
696
VMScore
CVE-2022-23772
Rat.SetString in math/big in Go prior to 1.16.14 and 1.17.x prior to 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.
Golang Go
Netapp Storagegrid -
Netapp Cloud Insights Telegraf Agent -
Netapp Kubernetes Monitoring Operator -
Netapp Beegfs Csi Driver -
Debian Debian Linux 9.0
5 Github repositories
695
VMScore
CVE-2019-9512
Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consum...
Apple Swiftnio
Apache Traffic Server
Debian Debian Linux 10.0
Nodejs Node.js
2 Github repositories
1 Article
695
VMScore
CVE-2019-9514
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer...
Apple Swiftnio
Apache Traffic Server
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Software Collections 1.0
Redhat Openshift Container Platform 3.9
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 3.10
Redhat Jboss Core Services 1.0
Redhat Enterprise Linux 8.0
1 Article
694
VMScore
CVE-2022-1708
A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and ...
Kubernetes Cri-o
Kubernetes Cri-o 1.24.0
Fedoraproject Fedora 36
Redhat Enterprise Linux 7.0
Redhat Openshift Container Platform 3.11
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.0
Redhat Enterprise Linux 9.0
Redhat Openshift Container Platform 4.10
Redhat Openshift Container Platform 4.9
685
VMScore
CVE-2020-4062
In Conjur OSS Helm Chart prior to 2.0.0, a recently identified critical vulnerability resulted in the installation of the Conjur Postgres database with an open port. This allows an malicious user to gain full read & write access to the Conjur Postgres database, including esca...
Cyberark Conjur Oss Helm Chart
668
VMScore
CVE-2021-39159
BinderHub is a kubernetes-based cloud service that allows users to share reproducible interactive computing environments from code repositories. In affected versions a remote code execution vulnerability has been identified in BinderHub, where providing BinderHub with maliciously...
Jupyter Binderhub
668
VMScore
CVE-2021-21243
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, a Kubernetes REST endpoint exposes two methods that deserialize untrusted data from the request body. These endpoints do not enforce any authentication or authorization checks. This issue may lead to pre-aut...
Onedev Project Onedev
668
VMScore
CVE-2020-25179
GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network.
Gehealthcare 3.0t Signa Hdxt Firmware -
Gehealthcare 3.0t Signa Hd 16 Firmware -
Gehealthcare 3.0t Signa Hd 23 Firmware -
Gehealthcare 1.5t Brivo Mr355 Firmware -
Gehealthcare Optima Mr360 Firmware -
Gehealthcare Signa Hdi 1.5t Firmware -
Gehealthcare Signa Vibrant Firmware -
Gehealthcare Logiq 5 Bt03 Firmware -
Gehealthcare Logiq 7 Bt03 Firmware -
Gehealthcare Logiq 7 Bt04 Firmware -
Gehealthcare Logiq 7 Bt06 Firmware -
Gehealthcare Logiq 9 Bt02 Firmware -
Gehealthcare Logiq 9 Bt03 Firmware -
Gehealthcare Logiq 9 Bt04 Firmware -
Gehealthcare Logiq 9 Bt06 Firmware -
Gehealthcare Vivid I Bt06 Firmware -
Gehealthcare Vivid 7 Bt02 Firmware -
Gehealthcare Vivid 7 Bt06 Firmware -
Gehealthcare Echopac Bt06 Firmware -
Gehealthcare Image Vault Firmware -
Gehealthcare Voluson 730 Bt05 Firmware -
Gehealthcare Voluson 730 Bt08 Firmware -
1 Article
668
VMScore
CVE-2020-5911
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL On Debian/Ubuntu system.
F5 Nginx Controller 1.0.1
F5 Nginx Controller
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »