Rancher permissions on 'namespaces' in any API group grants 'edit' permissions on namespaces in 'core' in...
6.9AI Score
EPSS
Etcd embed auto compaction retention negative value causing a compaction loop or a crash in...
7.1AI Score
Dex discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphers in...
7.5CVSS
6.7AI Score
0.001EPSS
Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server
Mattermost Cross-site Scripting vulnerability in...
6.1CVSS
6.4AI Score
0.0005EPSS
HashiCorp Vault Improper Privilege Management in github.com/hashicorp/vault
HashiCorp Vault Improper Privilege Management in...
9.1CVSS
6.7AI Score
0.002EPSS
Ingress-nginx code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation in...
8.8CVSS
7.2AI Score
0.001EPSS
Grafana XSS via a query alias for the ElasticSearch datasource in github.com/grafana/grafana
Grafana XSS via a query alias for the ElasticSearch datasource in...
6.1CVSS
5.6AI Score
0.001EPSS
HashiCorp Vault Improper Privilege Management in github.com/hashicorp/vault
HashiCorp Vault Improper Privilege Management in...
5.3CVSS
6.7AI Score
0.001EPSS
Improper Neutralization of HTTP Headers in github.com/greenpau/caddy-security
Improper Neutralization of HTTP Headers in...
4.3CVSS
6.8AI Score
0.0004EPSS
Authentik vulnerable to PKCE downgrade attack in goauthentik.io
Authentik vulnerable to PKCE downgrade attack in...
8.8CVSS
6.7AI Score
0.001EPSS
6.1CVSS
6.4AI Score
0.0004EPSS
6.1CVSS
5.5AI Score
0.001EPSS
CubeFS leaks magic secret key when starting Blobstore access service in github.com/cubefs/cubefs
CubeFS leaks magic secret key when starting Blobstore access service in...
9.8CVSS
6.7AI Score
0.001EPSS
CubeFS timing attack can leak user passwords in github.com/cubefs/cubefs
CubeFS timing attack can leak user passwords in...
6.5CVSS
6.7AI Score
0.001EPSS
Minio unsafe default: Access keys inherit admin of root user, allowing privilege escalation in...
8.8CVSS
7AI Score
0.002EPSS
7.8CVSS
6.6AI Score
0.001EPSS
5.5CVSS
6.3AI Score
0.001EPSS
Improper Authentication in HashiCorp Vault in github.com/hashicorp/vault
Improper Authentication in HashiCorp Vault in...
7.5CVSS
6.7AI Score
0.001EPSS
Hashicorp Vault may expose sensitive log information in github.com/hashicorp/vault
Hashicorp Vault may expose sensitive log information in...
6.5CVSS
6.4AI Score
0.001EPSS
Apache ServiceComb Service-Center Server-Side Request Forgery vulnerability in...
7.6CVSS
6.8AI Score
0.001EPSS
MongoDB Tools Improper Certificate Validation vulnerability in github.com/mongodb/mongo-tools
MongoDB Tools Improper Certificate Validation vulnerability in...
6.5CVSS
6.7AI Score
0.001EPSS
Rancher 'Audit Log' leaks sensitive information in github.com/rancher/rancher
Rancher 'Audit Log' leaks sensitive information in...
6.5AI Score
EPSS
Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server
Mattermost denial of service through long emoji value in...
4.3CVSS
6.7AI Score
0.0004EPSS
Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server
Mattermost fails to check the "invite_guest" permission in...
4.3CVSS
6.6AI Score
0.0004EPSS
Server-Side Request Forgery in github.com/greenpau/caddy-security
Server-Side Request Forgery in...
5.3CVSS
6.8AI Score
0.001EPSS
Buildkite Elastic CI for AWS time-of-check-time-of-use race condition vulnerability in...
7CVSS
6.8AI Score
0.0004EPSS
Token leases could outlive their TTL in HashiCorp Vault in github.com/hashicorp/vault
Token leases could outlive their TTL in HashiCorp Vault in...
6.8CVSS
6.6AI Score
0.001EPSS
Mattermost Jira Plugin does not properly check security levels in...
4.1CVSS
6.8AI Score
0.0004EPSS
HashiCorp Vault Authentication bypass in github.com/hashicorp/vault
HashiCorp Vault Authentication bypass in...
8.2CVSS
6.7AI Score
0.004EPSS
Mattermost fails to properly restrict the access of files attached to posts in...
3.1CVSS
6.6AI Score
0.0004EPSS
Enumeration of users in HashiCorp Vault in github.com/hashicorp/vault
Enumeration of users in HashiCorp Vault in...
5.3CVSS
6.7AI Score
0.001EPSS
SFTP is possible on the Proxy server for any user with SFTP access in...
7.2AI Score
Moby Docker cp broken with debian containers in github.com/moby/moby
Moby Docker cp broken with debian containers in...
9.8CVSS
6.6AI Score
0.016EPSS
Grafana Cross-site Scripting (XSS) in github.com/grafana/grafana
Grafana Cross-site Scripting (XSS) in...
6.1CVSS
5.9AI Score
0.001EPSS
Denial of service in HashiCorp Consul in github.com/hashicorp/consul
Denial of service in HashiCorp Consul in...
7.5CVSS
6.6AI Score
0.002EPSS
Authenticated users can crash the CubeFS servers with maliciously crafted requests in...
6.5CVSS
6.7AI Score
0.0004EPSS
Mattermost vulnerable to denial of service via large number of emoji reactions in...
4.3CVSS
6.5AI Score
0.0005EPSS
Insufficient Session Expiration in github.com/greenpau/caddy-security
Insufficient Session Expiration in...
4.8CVSS
6.7AI Score
0.0004EPSS
The DES/3DES cipher was used as part of the TLS protocol by installation tools in...
7.1AI Score
Apache ServiceComb Service-Center Exposure of Sensitive Information to an Unauthorized Actor vulnerability in...
7.5CVSS
6.6AI Score
0.001EPSS
Etcd pkg Insecure ciphers are allowed by default in go.etcd.io/etcd/client/pkg/v3
Etcd pkg Insecure ciphers are allowed by default in...
7.1AI Score
Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in...
8.8CVSS
6.5AI Score
0.001EPSS
Insecure random string generator used for sensitive data in github.com/cubefs/cubefs
Insecure random string generator used for sensitive data in...
9.8CVSS
6.7AI Score
0.001EPSS
chasquid HTTP Request/Response Smuggling vulnerability in github.com/albertito/chasquid in...
7.5CVSS
6.7AI Score
0.0005EPSS
Mattermost fails to limit the number of role names in github.com/mattermost/mattermost-server
Mattermost fails to limit the number of role names in...
4.3CVSS
6.6AI Score
0.0004EPSS
5.4CVSS
5.6AI Score
0.005EPSS
Evmos is missing precompile checks in github.com/evmos/evmos
Evmos is missing precompile checks in...
3.5CVSS
6.6AI Score
0.0004EPSS
Rancher's RKE1 Encryption Config kept in plain-text within cluster AppliedSpec in...
6.9AI Score
EPSS
Rancher's External RoleTemplates can lead to privilege escalation in github.com/rancher/rancher
Rancher's External RoleTemplates can lead to privilege escalation in...
7.1AI Score
EPSS
Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Argo-cd authenticated users can enumerate clusters by name in...
4.3CVSS
6.5AI Score
0.0004EPSS