Browse and filter security vulnerabilities across ecosystems
CVE-2026-44544
gittuf's policy can be rolled back to prior valid versions
FileBrowser Vulnerable to Stored XSS via SVG File in Public Share (Missing CSP Header)
CVE-2026-44542
FileBrowser Public Share DELETE API Path Traversal Allows Unauthenticated Arbitrary File Deletion
CVE-2026-44283
etcd RBAC bypass allows unauthorized data access via PrevKv/lease attachment in nested transaction Put requests
CVE-2026-44426
ShellHub has cross-tenant IDOR in `GET /api/namespaces/:tenant` via API Key bypasses membership check
Daptin's Session Management Vulnerability Leads to Insufficient Session Expiration After Password Change
Talos Linux has a local privilege escalation from untrusted workloads
CVE-2026-44514
Kubetail has a Cross-Site WebSocket Hijacking issue that allows attacker to read Kubernetes logs from authenticated users
CVE-2026-42459
Free5GC UDM has Improper Input Validation and Generation of Error Messages Containing Sensitive Information
CVE-2026-42328
go-ipld-prime's DAG-CBOR and DAG-JSON decoders have unbounded recursion depth
CVE-2026-42083
Free5GC PCF: Missing authentication middleware in Npcf_SMPolicyControl allows access to SM policy handlers and disclosure of subscriber SUPI
CVE-2026-42880
ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction
CVE-2026-42082
Free5GC AMF has Missing Concurrent NAS SMC Validation During NGAP Handover
CVE-2026-42081
Free5GC AMF Bypasses UE Security Capabilities on NGAP PathSwitchRequest
CVE-2026-44503
Kiota abstractions RedirectHandler leaks Cookie/Proxy-Authorization headers on cross-host redirect
CVE-2026-41050
Fleet: Helm impersonation bypass of `RESTClientGetter` retains `cluster-admin` during template rendering
CVE-2026-25705
Rancher Extensions have arbitrary file access via path traversal
Amazon ECS Container Agent (Windows) is vulnerable to Information Disclosure
CVE-2026-42597
Gotenberg allows Chromium URL conversion routes to read arbitrary files under /tmp via file:// scheme
CVE-2026-42596
Gotenberg vulnerable to unauthenticated SSRF via default deny-list bypass in downloadFrom and webhook
Showing 1 - 20 of 1,000+ results