By Risk Score
By Publish Date
By Recent Activity
Recent vulnerabilities and exploits
cPanel before 90.0.10 allows self XSS via WHM Manage API Tokens interfaces (SEC-569)....
In cPanel before 88.0.3, an insecure SRS secret is used on a templated VM (SEC-552)....
cPanel before 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys (SEC-561)....
cPanel before 90.0.10 allows self XSS via the WHM Edit DNS Zone interface (SEC-566)....
cPanel before 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485)....
cPanel before 88.0.3 allows attackers to bypass the SMTP greylisting protection mechanism (SEC-491)....
Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than...
1 Github repository available
In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container....
6 Github repositories available
In Minikube versions 0.3.0-0.29.0, minikube exposes the Kubernetes Dashboard listening on the VM IP at port 30000. In VM environments where the IP is easy to predict, the attacker can use DNS rebinding to indirectly make requests to the Kubernetes Dashboard, create a new...
3 Github repositories available
In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then...
20 Github repositories available
5 Articles available