Aggregator

Chaos Mesh Critical Vulnerabilities Expose Kubernetes Clusters to Takeover

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
2 months 4 weeks ago

Security Research recently uncovered four new flaws, CVE-2025-59358, CVE-2025-59359, CVE-2025-59360, and CVE-2025-59361, in the default configuration of the Chaos Controller Manager GraphQL server, a popular open-source chaos engineering platform for Kubernetes. Three of these flaws carry a maximum CVSS 3.1 score of 9.8, enabling any pod in the cluster to run arbitrary commands or inject […]

The post Chaos Mesh Critical Vulnerabilities Expose Kubernetes Clusters to Takeover appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

CVE-2022-50298 | Linux Kernel up to 5.15.74/5.19.16/6.0.2 slimbus kernel/notifier.c allocation of resources (Nessus ID 265271)

Vuldb Updates
2 months 4 weeks ago
A vulnerability classified as critical has been found in Linux Kernel up to 5.15.74/5.19.16/6.0.2. The impacted element is an unknown function of the file kernel/notifier.c of the component slimbus. This manipulation causes allocation of resources. This vulnerability is handled as CVE-2022-50298. The attack can only be done within the local network. There is not any exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2022-50281 | Linux Kernel up to 5.10.149/5.15.74/5.19.16/6.0.2 SGI-IP27 bridge_platform_create memory leak (Nessus ID 265272 / WID-SEC-2025-2053)

Vuldb Updates
2 months 4 weeks ago
A vulnerability was found in Linux Kernel up to 5.10.149/5.15.74/5.19.16/6.0.2. It has been declared as critical. This impacts the function bridge_platform_create of the component SGI-IP27. The manipulation results in memory leak. This vulnerability is identified as CVE-2022-50281. The attack can only be performed from the local network. There is not any exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2023-6351 | Google Chrome up to 119.0.6045.159 libavif use after free (FEDORA-2023-145f259a77 / Nessus ID 265315)

Vuldb Updates
2 months 4 weeks ago
A vulnerability was found in Google Chrome. It has been rated as critical. The affected element is an unknown function of the component libavif. Performing manipulation results in use after free. This vulnerability is identified as CVE-2023-6351. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is advised.
vuldb.com

CVE-2023-6350 | Google Chrome up to 119.0.6045.159 libavif out-of-bounds (FEDORA-2023-145f259a77 / Nessus ID 265315)

Vuldb Updates
2 months 4 weeks ago
A vulnerability was found in Google Chrome and classified as problematic. This vulnerability affects unknown code of the component libavif. The manipulation results in out-of-bounds read. This vulnerability was named CVE-2023-6350. The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.
vuldb.com

Managed ad