Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kubernetes kubernetes vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2017-1000056
Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object.
Kubernetes Kubernetes 1.5.2
Kubernetes Kubernetes 1.5.1
Kubernetes Kubernetes 1.5.3
Kubernetes Kubernetes 1.5.4
Kubernetes Kubernetes 1.5.0
7.2
CVSSv2
CVE-2022-29179
Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Prior to versions 1.9.16, 1.10.11, and 1.11.15, if an attacker is able to perform a container escape of a container running as root on a host where Cili...
Cilium Cilium
6.9
CVSSv2
CVE-2020-4739
IBM DB2 Accessories Suite for Linux, UNIX, and Windows, DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local authenticated malicious user to execute arbitrary code on the system, caused by DLL search order hijacking vul...
Ibm Db2 9.7.0.0
Ibm Db2 10.1.0.0
Ibm Db2 10.5.0.0
Ibm Db2 11.1.0.0
Ibm Db2
1 Article
6.9
CVSSv2
CVE-2017-1000367
Todd Miller's sudo version 1.8.20 and previous versions is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
Sudo Project Sudo
1 EDB exploit
4 Github repositories
6.8
CVSSv2
CVE-2022-31034
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting with v0.11.0 are vulnerable to a variety of attacks when an SSO login is initiated from the Argo CD CLI or UI. The vulnerabilities are due to the use of insufficiently rando...
Linuxfoundation Argo-cd 2.3.4
Linuxfoundation Argo-cd 2.4.0
Linuxfoundation Argo-cd 2.2.9
Linuxfoundation Argo-cd
6.8
CVSSv2
CVE-2022-0759
A flaw was found in all versions of kubeclient up to (but not including) v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate (it...
Redhat Kubeclient
6.8
CVSSv2
CVE-2021-41266
Minio console is a graphical user interface for the for MinIO operator. Minio itself is a multi-cloud object storage project. Affected versions are subject to an authentication bypass issue in the Operator Console when an external IDP is enabled. All users on release v0.12.2 and ...
Min Minio Console
6.8
CVSSv2
CVE-2021-31938
Microsoft VsCode Kubernetes Tools Extension Elevation of Privilege Vulnerability
Microsoft Kubernetes Tools -
6.8
CVSSv2
CVE-2021-3499
A vulnerability was found in OVN Kubernetes in versions up to and including 0.3.0 where the Egress Firewall does not reliably apply firewall rules when there is multiple DNS rules. It could lead to potentially lose of confidentiality, integrity or availability of a service.
Ovn Ovn-kubernetes
6.8
CVSSv2
CVE-2021-28448
Visual Studio Code Kubernetes Tools Remote Code Execution Vulnerability
Microsoft Visual Studio Code Kubernetes Tools
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »