Oracle Linux 9 : openssl (ELSA-2023-12152)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12152 advisory. - There is a type confusion vulnerability relating ...


CVSS3 - HIGH

CVE-2022-3294

Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes s ...

CVE-2022-3162

Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted b ...

CVE-2022-3294

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

CVE-2022-3162

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

HTML Injection in Keycloak Admin REST API

The `execute-actions-email` endpoint of the Keycloak Admin REST API allows a malicious actor to send emails containing phishing links to Keycloak users.

Lemur subject to insecure random generation

### Overview Lemur was using insecure random generation for its example configuration file, as well as for some utilities. ### Impact The potentially affected generated items include: | Configuration ...

CVE-2023-0507

A flaw was found in the GeoMap Grafana plugin, where a user can store unsanitized HTML in the GeoMap plugin under the Attribution text field, and the client will process it. The vulnerability makes it ...
