PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS
PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS RM3/CRS dispenser firmware (all versions up to and including 41128 1002 RM3_CRS.BTR + 170329 2332 RM3_CRS.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...
2.1AI Score
PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5
PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5 CMDv5 dispenser firmware (all versions up to and including 141128 1002 CD5_ATM.BTR + 170329 2332 CD5_ATM.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...
2.1AI Score
smoothways.net Cross Site Scripting vulnerability OBB-3932443
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
yalebooks.co.uk Cross Site Scripting vulnerability OBB-3932442
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
CVE-2024-4148 Redos (Regular Expression Denial of Service) in lunary-ai/lunary
A Regular Expression Denial of Service (ReDoS) vulnerability exists in the lunary-ai/lunary application, version 1.2.10. An attacker can exploit this vulnerability by maliciously manipulating regular expressions, which can significantly impact the response time of the application and potentially...
7.1AI Score
forum-startup-chemie.de Cross Site Scripting vulnerability OBB-3932439
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
chemicalparks.com Cross Site Scripting vulnerability OBB-3932438
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
dechemax.de Cross Site Scripting vulnerability OBB-3932436
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
GHSA-2C7C-3MJ9-8FQH vulnerabilities
Vulnerabilities for packages: flux-source-controller, sops, terragrunt, oauth2-proxy, dex, fulcio, kyverno, cert-manager, cilium-envoy, falco, tekton-chains, traefik, vault, vexctl, cloudflared, istio-pilot-discovery, aactl, kubescape, argo-workflows, tekton-pipelines, slsa-verifier,...
7.5AI Score
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: flannel, metrics-server, sigstore-scaffolding, gitlab-runner, temporal-ui-server, configmap-reload, influx, opentofu, policy-controller, supercronic, tekton-chains, stakater-reloader, hugo-extended, hubble, prometheus-alertmanager, vault, gitness, temporal,...
7.5AI Score
GHSA-X84C-P2G9-RQV9 vulnerabilities
Vulnerabilities for packages: dagger, docker-compose, kaniko, prometheus, melange, harbor-scanner-trivy, syft, policy-controller, cri-tools, grype, docker, helm-push, k3d, wolfictl, buf, tekton-pipelines,...
7.5AI Score
CVE-2024-25620 vulnerabilities
Vulnerabilities for packages: flux-source-controller, flux-helm-controller, eksctl, helm-operator, up, zarf, chartmuseum, zot, cert-manager, istio-operator, k8sgpt, kubescape, cilium-cli, helm-push, k9s, kots,...
6.5AI Score
0.0004EPSS
9.8AI Score
0.001EPSS
5.6AI Score
0.0004EPSS
CVE-2024-28219 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, pytorch,...
6.7AI Score
0.0004EPSS
7.7AI Score
0.005EPSS
7.5AI Score
5.6AI Score
0.0004EPSS
7.5AI Score
7.5AI Score
7.5AI Score
7.5AI Score
7.7AI Score
0.001EPSS
6.6AI Score
0.0004EPSS
7.5AI Score
7.5AI Score
GHSA-RHH4-RH7C-7R5V vulnerabilities
Vulnerabilities for packages: zarf, nuclei, datadog-agent, kubescape, k9s,...
7.5AI Score
CVE-2024-27304 vulnerabilities
Vulnerabilities for packages: telegraf, trillian, src, k3s, spicedb, temporal-server, kine, ferretdb, amass, caddy, keda, step-ca, kube-bench, kots, vault,...
9.7AI Score
0.0004EPSS
CVE-2024-29018 vulnerabilities
Vulnerabilities for packages: kargo, crossplane, telegraf, melange, zot, aactl, grype, kubescape, kaniko, loki, cadvisor, prometheus, tkn, up, syft, goreleaser, spire-server, buildkitd, trivy, conftest, dagger, docker-compose, ko, ctop, datadog-agent, wolfictl,...
5.9AI Score
0.0004EPSS
GHSA-MQ39-4GV4-MVPX vulnerabilities
Vulnerabilities for packages: kargo, crossplane, telegraf, melange, zot, aactl, grype, kubescape, kaniko, loki, cadvisor, prometheus, tkn, up, syft, goreleaser, spire-server, buildkitd, trivy, conftest, dagger, docker-compose, ko, ctop, datadog-agent, wolfictl,...
7.5AI Score
CVE-2024-21506 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, datadog-agent,...
5.3AI Score
0.0004EPSS
GHSA-4265-CCF5-PHJ5 vulnerabilities
Vulnerabilities for packages: wavefront-proxy, trino, dependency-track, gradle, opensearch, jenkins,...
7.5AI Score
CVE-2024-21626 vulnerabilities
Vulnerabilities for packages: telegraf, zot, grype, ingress-nginx-controller, kubescape, k9s, kaniko, cadvisor, nerdctl, zarf, syft, newrelic-infrastructure-agent, skopeo, docker, k3d, kots, buildkitd, runc, trivy, k3s, ctop, datadog-agent, kubernetes, nvidia-device-plugin, wolfictl,...
7.5AI Score
0.051EPSS
7.1AI Score
0.0004EPSS
7.1AI Score
0.0004EPSS
7.1AI Score
0.0005EPSS
6.8AI Score
0.0004EPSS
GHSA-7WW5-4WQC-M92C vulnerabilities
Vulnerabilities for packages: flux-source-controller, telegraf, eksctl, melange, zot, cert-manager, gitness, flux-helm-controller, grype, kubescape, helm-push, kaniko, tekton-pipelines, up, kubevela, newrelic-infrastructure-agent, cilium-cli, k3d, kots, trivy, ctop, fuse-overlayfs-snapshotter,...
7.5AI Score
GHSA-R53H-JV2G-VPX6 vulnerabilities
Vulnerabilities for packages: flux-source-controller, flux-helm-controller, eksctl, helm-operator, up, zarf, chartmuseum, zot, cert-manager, istio-operator, k8sgpt, kubescape, cilium-cli, helm-push, k9s, kots,...
7.5AI Score
Vulnerabilities for packages: cloudflared, kubernetes-dns-node-cache,...
5.5AI Score
0.0004EPSS
CVE-2024-23652 vulnerabilities
Vulnerabilities for packages: conftest, datadog-agent, guac, zot, kubescape, docker, kaniko, buildkitd, trivy, skaffold,...
9.6AI Score
0.001EPSS
CVE-2024-25710 vulnerabilities
Vulnerabilities for packages: wavefront-proxy, trino, dependency-track, gradle, opensearch, jenkins,...
5.6AI Score
0.001EPSS
GHSA-JQ35-85CJ-FJ4P vulnerabilities
Vulnerabilities for packages: cert-manager, falco, tekton-chains, bom, aactl, kubescape, tekton-pipelines, slsa-verifier, paranoia, loki, prometheus, up, chartmuseum, goreleaser, k3d, k3s, kpt, ctop, skaffold,...
7.5AI Score
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: metrics-server, sigstore-scaffolding, gitlab-runner, opentofu, stakater-reloader, gitness, aws-efs-csi-driver, kubernetes-csi-node-driver-registrar, aactl, cluster-autoscaler, dotnet, secrets-store-csi-driver-provider-gcp, gobuster, prometheus-bind-exporter,...
8.7AI Score
0.72EPSS
Vulnerabilities for packages: local-static-provisioner, kubernetes-csi-driver-hostpath, kubernetes, node-feature-discovery, ip-masq-agent, cluster-autoscaler, nodetaint, spark-operator, aws-ebs-csi-driver, kubernetes-dns-node-cache,...
3.8AI Score
0.0004EPSS
GHSA-95PR-FXF5-86GV vulnerabilities
Vulnerabilities for packages: flux-source-controller, melange, neuvector-sigstore-interface, zot, falco, policy-controller, tekton-chains, vexctl, apko, aactl, kubescape, slsa-verifier, tkn, zarf, goreleaser, spire-server, gitsign, ko, wolfictl, falcoctl,...
7.5AI Score
GHSA-MRWW-27VC-GGHV vulnerabilities
Vulnerabilities for packages: telegraf, trillian, src, k3s, spicedb, temporal-server, kine, ferretdb, amass, caddy, keda, step-ca, kube-bench, kots, vault,...
7.5AI Score
CVE-2023-46402 vulnerabilities
Vulnerabilities for packages: argo-cd, melange, pulumi-kubernetes-operator, flux-notification-controller,...
7.7AI Score
0.0005EPSS
7.5AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: vt-cli, metrics-server, cni-plugins, gitlab-runner, temporal-ui-server, configmap-reload, influx, opentofu, supercronic, mockery, yq, nri-rabbitmq, mongo-tools, stakater-reloader, prometheus-alertmanager, gitness, temporal, aws-efs-csi-driver,...
6.5AI Score
0.0004EPSS