| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-0752 | Envoyproxy: openshift service mesh envoy http header sanitization bypass leading to dos and unauthorized access | - | - | High | 7.1 | 2025-01-28 09:29:33 | Deep Dive |
| CVE-2025-0750 | Cri-o: cri-o path traversal in log handling functions allows arbitrary unmounting | - | - | Medium | 6.6 | 2025-01-28 09:29:31 | Deep Dive |
| CVE-2025-0650 | Ovn: egress acls may be bypassed via specially crafted udp packet | - | - | High | 8.1 | 2025-01-23 16:34:31 | Deep Dive |
| CVE-2024-11218 | Podman: buildah: container breakout by using --jobs=2 and a race condition when building a malicious containerfile | - | - | High | 8.6 | 2025-01-22 04:55:31 | Deep Dive |
| CVE-2024-12084 | Rsync: heap buffer overflow in rsync due to improper checksum length handling | - | - | Critical | 9.8 | 2025-01-15 14:16:35 | Deep Dive |
| CVE-2024-12087 | Rsync: path traversal vulnerability in rsync | - | - | Medium | 6.5 | 2025-01-14 17:57:34 | Deep Dive |
| CVE-2024-12747 | Rsync: race condition in rsync handling symbolic links | - | - | Medium | 5.6 | 2025-01-14 17:39:16 | Deep Dive |
| CVE-2024-12088 | Rsync: --safe-links option bypass leads to path traversal | - | - | Medium | 6.5 | 2025-01-14 17:38:35 | Deep Dive |
| CVE-2024-12086 | Rsync: rsync server leaks arbitrary client files | - | - | Medium | 6.1 | 2025-01-14 17:37:55 | Deep Dive |
| CVE-2024-12085 | Rsync: info leak via uninitialized stack contents | - | - | High | 7.5 | 2025-01-14 17:37:16 | Deep Dive |
| CVE-2024-45497 | Openshift-api: openshift-controller-manager/build: build process in openshift allows overwriting of node pull credentials | - | - | High | 7.6 | 2024-12-31 02:19:23 | Deep Dive |
| CVE-2024-11614 | Dpdk: denial of service from malicious guest on hypervisors using dpdk vhost library | - | - | 高危 | - | 2024-12-18 08:30:50 | Deep Dive |
| CVE-2024-12698 | Ose-olm-catalogd-container: incomplete fix for rapid reset (cve-2023-39325/cve-2023-44487) | - | - | Medium | 6.5 | 2024-12-18 05:07:21 | Deep Dive |
| CVE-2024-12401 | Cert-manager: potential dos when parsing specially crafted pem inputs | - | - | Medium | 4.4 | 2024-12-12 09:06:04 | Deep Dive |
| CVE-2024-8676 | Cri-o: checkpoint restore can be triggered from different namespaces | - | - | High | 7.4 | 2024-11-26 19:15:48 | Deep Dive |
| CVE-2024-6538 | Openshift-console: openshift console: server-side request forgery | - | - | Medium | 5.3 | 2024-11-25 06:15:13 | Deep Dive |
| CVE-2024-52616 | Avahi: avahi wide-area dns predictable transaction ids | - | - | Medium | 5.3 | 2024-11-21 20:41:12 | Deep Dive |
| CVE-2024-52615 | Avahi: avahi wide-area dns uses constant source port | - | - | Medium | 5.3 | 2024-11-21 20:34:01 | Deep Dive |
| CVE-2024-0793 | Kube-controller-manager: malformed hpa v1 manifest causes crash | - | - | High | 7.7 | 2024-11-17 10:45:50 | Deep Dive |
| CVE-2020-25720 | Samba: check attribute access rights for ldap adds of computers | - | - | High | 7.5 | 2024-11-17 10:17:08 | Deep Dive |