PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS
PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS RM3/CRS dispenser firmware (all versions up to and including 41128 1002 RM3_CRS.BTR + 170329 2332 RM3_CRS.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...
2.1AI Score
PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5
PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5 CMDv5 dispenser firmware (all versions up to and including 141128 1002 CD5_ATM.BTR + 170329 2332 CD5_ATM.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...
2.1AI Score
In the Linux kernel, the following vulnerability has been resolved: net: fix out-of-bounds access in ops_init net_alloc_generic is called by net_alloc, which is called without any locking. It reads max_gen_ptrs, which is changed under pernet_ops_rwsem. It is read twice, first to allocate an array,....
7.1AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: dask-gateway, aws-ebs-csi-driver, nri-rabbitmq, goreleaser, kyverno-policy-reporter, lazygit, prometheus-operator, kubernetes-csi-external-resizer, s5cmd, actions-runner-controller, nri-nginx, nats-server, nats, nri-mssql, kube-rbac-proxy, gitlab-logger, up, gobuster,....
6.5AI Score
0.0004EPSS
GHSA-2C7C-3MJ9-8FQH vulnerabilities
Vulnerabilities for packages: istio-pilot-discovery, terragrunt, flux-kustomize-controller, sops, dex, oauth2-proxy, gitsign, cloudflared, rekor, tekton-pipelines, argo-workflows, falco, traefik, cert-manager, cosign, kots, kubescape, slsa-verifier, fulcio, external-secrets-operator, vexctl,...
7.5AI Score
GHSA-7WW5-4WQC-M92C vulnerabilities
Vulnerabilities for packages: cilium-cli, helm-push, helm, newrelic-infrastructure-agent, gitness, melange, tekton-pipelines, up, trivy, fuse-overlayfs-snapshotter, cert-manager, telegraf, kots, skaffold, kubescape, kaniko, eksctl, kubevela, ctop, zot, flux-source-controller, flux-helm-controller,....
7.5AI Score
CVE-2024-25620 vulnerabilities
Vulnerabilities for packages: helm-operator, cilium-cli, kubescape, zarf, flux-source-controller, helm-push, zot, cert-manager, k8sgpt, flux-helm-controller, eksctl, istio-operator, chartmuseum, k9s, kots, up,...
6.5AI Score
0.0004EPSS
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: flux-kustomize-controller, oauth2-proxy, goreleaser, atlantis, ollama, nats, up, gobuster, prometheus-bind-exporter, telegraf, cue, opentofu, nodetaint, conftest, gke-gcloud-auth-plugin, thanos, grpcurl, kyverno, coredns, kind, keda, ko, haproxy-ingress,...
8.1AI Score
0.72EPSS
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: aws-ebs-csi-driver, terragrunt, sops, oauth2-proxy, goreleaser, kyverno-policy-reporter, atlantis, ollama, cloudflared, kubernetes-csi-external-resizer, osv-scanner, actions-runner-controller, crossplane-provider-aws, prometheus-operator, nats, istio-cni, rekor,...
7.5AI Score
GHSA-R53H-JV2G-VPX6 vulnerabilities
Vulnerabilities for packages: helm-operator, cilium-cli, kubescape, zarf, flux-source-controller, helm-push, zot, cert-manager, k8sgpt, flux-helm-controller, eksctl, istio-operator, chartmuseum, k9s, kots, up,...
7.5AI Score
GHSA-JQ35-85CJ-FJ4P vulnerabilities
Vulnerabilities for packages: goreleaser, tekton-pipelines, up, falco, kpt, cert-manager, prometheus, paranoia, skaffold, kubescape, slsa-verifier, scorecard, loki, tekton-chains, ctop, k3s, aactl, bom, chartmuseum,...
7.5AI Score
CVE-2024-24787 vulnerabilities
Vulnerabilities for packages: dask-gateway, kubecolor, aws-ebs-csi-driver, flux-kustomize-controller, sops, oauth2-proxy, atlantis, lazygit, cloudflared, kubernetes-csi-external-resizer, multus-cni, osv-scanner, crossplane-provider-aws, nats-server, redka, rekor, s5cmd, tekton-pipelines, go-fips,.....
6.5AI Score
0.0004EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: aws-ebs-csi-driver, terragrunt, sops, oauth2-proxy, goreleaser, kyverno-policy-reporter, atlantis, ollama, cloudflared, kubernetes-csi-external-resizer, osv-scanner, actions-runner-controller, crossplane-provider-aws, prometheus-operator, nats, istio-cni, rekor,...
6.7AI Score
0.0004EPSS
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: dask-gateway, prometheus-operator, nri-nginx, nri-mssql, up, nri-nagios, delve, supercronic, crane, cue, esbuild, opentofu, step, task, prometheus-beat-exporter, tigera-operator, keda, ko, cilium, aws-network-policy-agent, containerd, hcloud, gitsign,...
7AI Score
0.0004EPSS
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: go-bindata, go-md2man, helm-push, wait-for-port, sops, goreleaser, nsc, nats, aws-flb-cloudwatch, kubernetes-dashboard-metrics-scraper, gitlab-logger, influx, cortex, gobuster, configmap-reload, falco, ip-masq-agent, local-path-provisioner, oras,...
8.2AI Score
0.001EPSS
GHSA-5FQ7-4MXC-535H vulnerabilities
Vulnerabilities for packages: dask-gateway, kubecolor, aws-ebs-csi-driver, flux-kustomize-controller, sops, oauth2-proxy, atlantis, lazygit, cloudflared, kubernetes-csi-external-resizer, multus-cni, osv-scanner, crossplane-provider-aws, nats-server, redka, rekor, s5cmd, tekton-pipelines, go-fips,.....
7.5AI Score
Vulnerabilities for packages: aws-ebs-csi-driver, flux-kustomize-controller, oauth2-proxy, goreleaser, prometheus-operator, ollama, kubernetes-csi-external-resizer, crossplane-provider-aws, gobuster, prometheus-bind-exporter, flux-image-automation-controller, prometheus-statsd-exporter, telegraf,.....
6.5AI Score
0.001EPSS
CVE-2024-24557 vulnerabilities
Vulnerabilities for packages: istio-pilot-discovery, filebeat, kargo, helm, kubeflow-katib, gitsign, goreleaser, k8sgpt, newrelic-infrastructure-agent, dagger, skopeo, buildkitd, tekton-pipelines, argo-workflows, trivy, up, falco, nerdctl, falcoctl, traefik, cert-manager, telegraf, crane,...
7.8AI Score
0.001EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: dask-gateway, aws-ebs-csi-driver, nri-rabbitmq, goreleaser, kyverno-policy-reporter, lazygit, prometheus-operator, kubernetes-csi-external-resizer, s5cmd, actions-runner-controller, nri-nginx, nats-server, nats, nri-mssql, kube-rbac-proxy, gitlab-logger, up, gobuster,....
7.5AI Score
GHSA-RCJV-MGP8-QVMR vulnerabilities
Vulnerabilities for packages: caddy, gatekeeper, cert-manager, prometheus-adapter, kubernetes, prometheus, kubevela, thanos, gitlab-kas, k3s, keda, ipfs, up,...
7.5AI Score
CVE-2023-45142 vulnerabilities
Vulnerabilities for packages: caddy, gatekeeper, cert-manager, prometheus-adapter, kubernetes, prometheus, kubevela, thanos, gitlab-kas, k3s, keda, ipfs, up,...
7.7AI Score
0.001EPSS
CVE-2023-48795 vulnerabilities
Vulnerabilities for packages: terragrunt, flux-kustomize-controller, sops, oauth2-proxy, goreleaser, kyverno-policy-reporter, atlantis, ollama, cloudflared, rekor, actions-runner-controller, crossplane-provider-aws, nats-server, nats, istio-cni, kube-rbac-proxy, nri-mssql, tekton-pipelines, up,...
7AI Score
0.962EPSS
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: dask-gateway, aws-ebs-csi-driver, nri-rabbitmq, goreleaser, kyverno-policy-reporter, lazygit, prometheus-operator, kubernetes-csi-external-resizer, s5cmd, actions-runner-controller, nri-nginx, nats-server, nats, nri-mssql, kube-rbac-proxy, gitlab-logger, up, gobuster,....
6.5AI Score
0.0004EPSS
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: dask-gateway, prometheus-operator, nri-nginx, nri-mssql, up, nri-nagios, delve, supercronic, crane, cue, esbuild, opentofu, step, task, prometheus-beat-exporter, tigera-operator, keda, ko, cilium, aws-network-policy-agent, containerd, hcloud, gitsign,...
7.5AI Score
GHSA-2JWV-JMQ4-4J3R vulnerabilities
Vulnerabilities for packages: dask-gateway, kubecolor, aws-ebs-csi-driver, flux-kustomize-controller, sops, oauth2-proxy, atlantis, lazygit, cloudflared, kubernetes-csi-external-resizer, multus-cni, osv-scanner, crossplane-provider-aws, nats-server, redka, rekor, s5cmd, tekton-pipelines,...
7.5AI Score
GHSA-C5Q2-7R4C-MV6G vulnerabilities
Vulnerabilities for packages: timestamp-authority, containerd, istio-pilot-discovery, terragrunt, flux-kustomize-controller, kargo, dex, oauth2-proxy, gitsign, goreleaser, skopeo, cloudflared, rekor, istio-cni, melange, tekton-pipelines, argo-workflows, frp, falco, step-ca, nerdctl, falcoctl,...
7.5AI Score
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: dask-gateway, aws-ebs-csi-driver, nri-rabbitmq, goreleaser, kyverno-policy-reporter, lazygit, prometheus-operator, kubernetes-csi-external-resizer, s5cmd, actions-runner-controller, nri-nginx, nats-server, nats, nri-mssql, kube-rbac-proxy, gitlab-logger, up, gobuster,....
7.5AI Score
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: aws-ebs-csi-driver, flux-kustomize-controller, oauth2-proxy, goreleaser, prometheus-operator, atlantis, ollama, kubernetes-csi-external-resizer, crossplane-provider-aws, nats, istio-cni, up, gobuster, prometheus-bind-exporter, flux-image-automation-controller,...
8.2AI Score
0.002EPSS
CVE-2024-26147 vulnerabilities
Vulnerabilities for packages: helm-operator, cilium-cli, kubescape, zarf, flux-source-controller, helm-push, zot, cert-manager, k8sgpt, flux-helm-controller, eksctl, istio-operator, chartmuseum, k9s, kots, up,...
7.7AI Score
0.0004EPSS
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: dask-gateway, aws-ebs-csi-driver, nri-rabbitmq, goreleaser, kyverno-policy-reporter, lazygit, prometheus-operator, kubernetes-csi-external-resizer, s5cmd, actions-runner-controller, nri-nginx, nats-server, nats, nri-mssql, kube-rbac-proxy, gitlab-logger, up, gobuster,....
7.5AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: dask-gateway, aws-ebs-csi-driver, nri-rabbitmq, goreleaser, kyverno-policy-reporter, lazygit, prometheus-operator, kubernetes-csi-external-resizer, s5cmd, actions-runner-controller, nri-nginx, nats-server, nats, nri-mssql, kube-rbac-proxy, gitlab-logger, up, gobuster,....
7.5AI Score
GHSA-8PGV-569H-W5RW vulnerabilities
Vulnerabilities for packages: containerd, kubescape, aws-ebs-csi-driver, cert-manager, temporal-server, kyverno, kine, argo-cd, kubernetes, kubernetes-csi-external-resizer, kubevela, k3s, docker-compose, keda, temporal, cri-tools,...
7.5AI Score
CVE-2023-47108 vulnerabilities
Vulnerabilities for packages: containerd, kubescape, aws-ebs-csi-driver, cert-manager, temporal-server, kyverno, kine, argo-cd, kubernetes, kubernetes-csi-external-resizer, kubevela, k3s, docker-compose, keda, temporal, cri-tools,...
7.7AI Score
0.001EPSS
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: dask-gateway, aws-ebs-csi-driver, nri-rabbitmq, goreleaser, kyverno-policy-reporter, lazygit, prometheus-operator, kubernetes-csi-external-resizer, s5cmd, actions-runner-controller, nri-nginx, nats-server, nats, nri-mssql, kube-rbac-proxy, gitlab-logger, up, gobuster,....
6.5AI Score
0.0004EPSS
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: dask-gateway, aws-ebs-csi-driver, nri-rabbitmq, goreleaser, kyverno-policy-reporter, lazygit, prometheus-operator, kubernetes-csi-external-resizer, s5cmd, actions-runner-controller, nri-nginx, nats-server, nats, nri-mssql, kube-rbac-proxy, gitlab-logger, up, gobuster,....
6.5AI Score
0.0004EPSS
CVE-2023-39326 vulnerabilities
Vulnerabilities for packages: go-bindata, go-md2man, helm-push, wait-for-port, sops, goreleaser, nsc, nats, aws-flb-cloudwatch, kubernetes-dashboard-metrics-scraper, gitlab-logger, influx, cortex, gobuster, configmap-reload, falco, ip-masq-agent, local-path-provisioner, oras,...
7.4AI Score
0.001EPSS
GHSA-V53G-5GJP-272R vulnerabilities
Vulnerabilities for packages: helm-operator, cilium-cli, kubescape, zarf, flux-source-controller, helm-push, zot, cert-manager, k8sgpt, flux-helm-controller, eksctl, istio-operator, chartmuseum, k9s, kots, up,...
7.5AI Score
GHSA-9F76-WG39-X86H vulnerabilities
Vulnerabilities for packages: go-bindata, go-md2man, helm-push, wait-for-port, sops, goreleaser, nsc, nats, aws-flb-cloudwatch, kubernetes-dashboard-metrics-scraper, gitlab-logger, influx, cortex, gobuster, configmap-reload, falco, ip-masq-agent, local-path-provisioner, oras,...
7.5AI Score
GHSA-5F94-VHJQ-RPG8 vulnerabilities
Vulnerabilities for packages: go-bindata, go-md2man, helm-push, wait-for-port, sops, goreleaser, nsc, nats, aws-flb-cloudwatch, kubernetes-dashboard-metrics-scraper, gitlab-logger, influx, cortex, gobuster, configmap-reload, falco, ip-masq-agent, local-path-provisioner, oras,...
7.5AI Score
CVE-2024-28180 vulnerabilities
Vulnerabilities for packages: timestamp-authority, containerd, istio-pilot-discovery, terragrunt, flux-kustomize-controller, kargo, dex, oauth2-proxy, gitsign, goreleaser, skopeo, cloudflared, rekor, istio-cni, melange, tekton-pipelines, argo-workflows, frp, falco, step-ca, nerdctl, falcoctl,...
5AI Score
0.0004EPSS
GHSA-2WRH-6PVC-2JM9 vulnerabilities
Vulnerabilities for packages: aws-ebs-csi-driver, flux-kustomize-controller, oauth2-proxy, goreleaser, prometheus-operator, ollama, kubernetes-csi-external-resizer, crossplane-provider-aws, gobuster, prometheus-bind-exporter, flux-image-automation-controller, prometheus-statsd-exporter, telegraf,.....
7.5AI Score
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: aws-ebs-csi-driver, flux-kustomize-controller, oauth2-proxy, goreleaser, prometheus-operator, atlantis, ollama, kubernetes-csi-external-resizer, crossplane-provider-aws, nats, istio-cni, up, gobuster, prometheus-bind-exporter, flux-image-automation-controller,...
7.5AI Score
GHSA-45X7-PX36-X8W8 vulnerabilities
Vulnerabilities for packages: terragrunt, flux-kustomize-controller, sops, oauth2-proxy, goreleaser, kyverno-policy-reporter, atlantis, ollama, cloudflared, rekor, actions-runner-controller, crossplane-provider-aws, nats-server, nats, istio-cni, kube-rbac-proxy, nri-mssql, tekton-pipelines, up,...
7.5AI Score
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: aws-efs-csi-driver, flux-kustomize-controller, dex, helm, kubeflow-katib, goreleaser, oauth2-proxy, buildkitd, up, cortex, falco, cluster-autoscaler, pulumi-language-dotnet, pulumi-language-yaml, cert-manager, pulumi-language-java, telegraf,...
7.5AI Score
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: flux-kustomize-controller, oauth2-proxy, goreleaser, atlantis, ollama, nats, up, gobuster, prometheus-bind-exporter, telegraf, cue, opentofu, nodetaint, conftest, gke-gcloud-auth-plugin, thanos, grpcurl, kyverno, coredns, kind, keda, ko, haproxy-ingress,...
7.5AI Score
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: dask-gateway, aws-ebs-csi-driver, nri-rabbitmq, goreleaser, kyverno-policy-reporter, lazygit, prometheus-operator, kubernetes-csi-external-resizer, s5cmd, actions-runner-controller, nri-nginx, nats-server, nats, nri-mssql, kube-rbac-proxy, gitlab-logger, up, gobuster,....
7.5AI Score
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: dask-gateway, aws-ebs-csi-driver, nri-rabbitmq, goreleaser, kyverno-policy-reporter, lazygit, prometheus-operator, kubernetes-csi-external-resizer, s5cmd, actions-runner-controller, nri-nginx, nats-server, nats, nri-mssql, kube-rbac-proxy, gitlab-logger, up, gobuster,....
6.5AI Score
0.0004EPSS
CVE-2024-24788 vulnerabilities
Vulnerabilities for packages: dask-gateway, kubecolor, aws-ebs-csi-driver, flux-kustomize-controller, sops, oauth2-proxy, atlantis, lazygit, cloudflared, kubernetes-csi-external-resizer, multus-cni, osv-scanner, crossplane-provider-aws, nats-server, redka, rekor, s5cmd, tekton-pipelines,...
6.5AI Score
0.0004EPSS
GHSA-XW73-RW38-6VJC vulnerabilities
Vulnerabilities for packages: istio-pilot-discovery, filebeat, kargo, helm, kubeflow-katib, gitsign, goreleaser, k8sgpt, newrelic-infrastructure-agent, dagger, skopeo, buildkitd, tekton-pipelines, argo-workflows, trivy, up, falco, nerdctl, falcoctl, traefik, cert-manager, telegraf, crane,...
7.5AI Score
CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5
CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...
7.8AI Score
0.72EPSS