linuxfoundation
CVE Severity Distribution (All Time)
Timeline Overview
Recent CVEs
View allThe OpenDaylight 0.15.3 controller allows topology poisoning via API requests because an application can manipulate the path that is taken by discove…
The conformance validation endpoint is public so everybody can verify the conformance of onboarded services. The response could contain specific info…
The health endpoint is public so everybody can see a list of all services. It is potentially valuable information for attackers.
In wlan, there is a possible denial of service due to incorrect error handling. This could lead to remote denial of service with no additional execut…
A TLS certificate verification issue discovered in cortex v0.42.1 allows attackers to obtain sensitive information via the makeOperatorRequest functi…
A vulnerability in APIML Spring Cloud Gateway which leverages user privileges by unexpected signing proxied request by Zowe's client certificate. Thi…
A vulnerability in the `download_model_with_test_data` function of the onnx/onnx framework, version 1.16.0, allows for arbitrary file overwrite due t…
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The vulnerability allows unauthorized access to the sensitive settings expo…
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can effectively by…
Fluid is an open source Kubernetes-native Distributed Dataset Orchestrator and Accelerator for data-intensive applications. An OS command injection v…