Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kubernetes kubernetes vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2022-0270
Prior to v0.6.1, bored-agent failed to sanitize incoming kubernetes impersonation headers allowing a user to override assigned user name and groups.
Mirantis Bored-agent
6.5
CVSSv2
CVE-2021-43858
MinIO is a Kubernetes native application for cloud storage. Prior to version `RELEASE.2021-12-27T07-23-18Z`, a malicious client can hand-craft an HTTP API call that allows for updating policy for a user and gaining higher privileges. The patch in version `RELEASE.2021-12-27T07-23...
Minio Minio
2 Github repositories
6.5
CVSSv2
CVE-2021-41137
Minio is a Kubernetes native application for cloud storage. All users on release `RELEASE.2021-10-10T16-53-30Z` are affected by a vulnerability that involves bypassing policy restrictions on regular users. Normally, checkKeyValid() should return owner true for rootCreds. In the a...
Minio Minio 2021-10-10t16-53-30z
6.5
CVSSv2
CVE-2021-34824
Istio (1.8.x, 1.9.0-1.9.5 and 1.10.0-1.10.1) contains a remotely exploitable vulnerability where credentials specified in the Gateway and DestinationRule credentialName field can be accessed from different namespaces.
Istio Istio
1 Github repository
6.5
CVSSv2
CVE-2020-17121
Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Sharepoint Foundation 2010
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Server 2019
Microsoft Sharepoint Server 2016
1 Article
6.5
CVSSv2
CVE-2020-17132
Microsoft Exchange Remote Code Execution Vulnerability
Microsoft Exchange Server 2013
Microsoft Exchange Server 2019
Microsoft Exchange Server 2016
2 Articles
6.5
CVSSv2
CVE-2020-17142
Microsoft Exchange Remote Code Execution Vulnerability
Microsoft Exchange Server 2013
Microsoft Exchange Server 2019
Microsoft Exchange Server 2016
1 Article
6.5
CVSSv2
CVE-2020-17158
Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability
Microsoft Dynamics 365
1 Article
6.5
CVSSv2
CVE-2020-17152
Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability
Microsoft Dynamics 365
1 Article
6.5
CVSSv2
CVE-2020-2211
Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin 1.3 and previous versions does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.
Jenkins Kubernetes Ci
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »