Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-33634 KEV |
|
[KEV] Vulnerability in Aquasecurity trivy (CVE-2026-33634)
vulnerability in Aquasecurity trivy (CVE-2026-33634). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-4342 |
|
Vulnerability in nginx (CVE-2026-4342)
vulnerability in nginx (CVE-2026-4342). Successful exploitation can lead to full system takeover.
|
| CVE-2025-15558 |
|
Vulnerability in c (CVE-2025-15558)
vulnerability in c (CVE-2025-15558). Successful exploitation can lead to full system takeover.
|
| CVE-2026-29049 |
|
Vulnerability in chainguard.dev/melange (CVE-2026-29049)
vulnerability in chainguard.dev/melange (CVE-2026-29049). Risk of unauthorized operations or information disclosure. Exploitable via ``io.Copy``. Mitigation: upgrade to `0.43.4` or later.
|
| CVE-2026-28406 |
|
Path Traversal in chainguard (CVE-2026-28406)
path traversal in chainguard (CVE-2026-28406). Data can be tampered with by attackers. Exploitable via ``dest``.
|
| CGA-7jqj-8457-jm46 |
|
Vulnerability in amazon-ecs-agent-fips (CGA-7jqj-8457-jm46)
vulnerability in amazon-ecs-agent-fips (CGA-7jqj-8457-jm46). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.100.1-r2` or later.
|
| CVE-2023-42917 KEV |
|
[KEV] Out-of-Bounds Write in Apple java (CVE-2023-42917)
out-of-bounds write in Apple java (CVE-2023-42917). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.8.0, 8.0.411` or later.
|
| CVE-2023-41993 KEV |
|
[KEV] Vulnerability in Apple java (CVE-2023-41993)
vulnerability in Apple java (CVE-2023-41993). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.8.0, 8.0.411` or later.
|
| CVE-2020-8562 |
|
Vulnerability in k8s.io/kubernetes (CVE-2020-8562)
vulnerability in k8s.io/kubernetes (CVE-2020-8562). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-15752 KEV |
|
[KEV] Vulnerability in Docker desktop-community-edition (CVE-2019-15752)
vulnerability in Docker desktop-community-edition (CVE-2019-15752). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-8561 |
|
Vulnerability in k8s.io/kubernetes (CVE-2020-8561)
vulnerability in k8s.io/kubernetes (CVE-2020-8561). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-25740 |
|
Vulnerability in k8s.io/kubernetes (CVE-2021-25740)
vulnerability in k8s.io/kubernetes (CVE-2021-25740). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-8554 |
|
Vulnerability in k8s.io/kubernetes (CVE-2020-8554)
vulnerability in k8s.io/kubernetes (CVE-2020-8554). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14992 |
|
Vulnerability in dos (CVE-2017-14992)
vulnerability in dos (CVE-2017-14992). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-0047 |
|
Vulnerability in docker (CVE-2014-0047)
vulnerability in docker (CVE-2014-0047). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1002100 |
|
Information Disclosure in kubernetes (CVE-2017-1002100)
vulnerability in kubernetes (CVE-2017-1002100). Confidential information can be exposed externally.
|
| CVE-2015-7561 |
|
Vulnerability in kubernetes (CVE-2015-7561)
vulnerability in kubernetes (CVE-2015-7561). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11468 |
|
Vulnerability in dos (CVE-2017-11468)
vulnerability in dos (CVE-2017-11468). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000056 |
|
Vulnerability in privilege-escalation (CVE-2017-1000056)
vulnerability in privilege-escalation (CVE-2017-1000056). Successful exploitation can lead to full system takeover.
|
| CVE-2016-9962 |
|
Vulnerability in docker (CVE-2016-9962)
vulnerability in docker (CVE-2016-9962). Successful exploitation can lead to full system takeover.
|