Search Vulnerabilities

Daytona: Path traversal in sandbox volume id mounts arbitrary host paths into the sandbox — cross-tenant data access and host escape

Microsoft Azure Synapse Elevation of Privilege Vulnerability

Cifs-utils: local privilege escalation via forged cifs.spnego key description in cifs.upcall

IPAM controller service account granted unnecessary full access to Secrets

Local Privilege Escalation in Symantec Endpoint Protection macOS CleanWipe Removal Tool

Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation

Fission builder pods auto-mount the fission-builder ServiceAccount token in the user-supplied builder container

Fission builder accepts arbitrary buildcmd strings from Environment.spec.builder.command, allowing the builder pod to invoke arbitrary executables

Fission runtime pods automount the fission-fetcher service-account token into the user function container, granting function code namespace-wide se...

A vulnerability has been identified in SINEC INS (All versions < V1

Cloud-credential-operator: cco mint-mode credentialsrequest manifests grant account-wide iam access beyond cluster scope on aws

Local Privilege Escalation in VPN Client

Local privilege escalation due to excessive permissions assigned to child processes

CloudNativePG: Metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE

Vulnerabilities exists in IBM Netezza Performance Server Replication Services

Automic Automation Agent Unix privilege escalation

Incorrect privileges management and insufficient path filtering allow to read arbitrary file on the server via the cpdavd attachment download endpo...

BIG-IP and BIG-IQ privilege escalation vulnerability

BIG-IP scripted monitor vulnerability

The new upstream added a privileged D-Bus helper called plasmaloginauthhelper, which suffers from multiple issues, e