Media Library Folder & File Manager Security Vulnerabilities

CVE-2024-5379

A vulnerability was found in JFinalCMS up to 20240111. It has been rated as problematic. This issue affects some unknown processing of the file /admin/template. The manipulation of the argument directory leads to cross site scripting. The attack may be initiated remotely. The exploit has been...

CVE-2024-5378

A vulnerability was found in SourceCodester School Intramurals Student Attendance Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /manage_sy.php. The manipulation of the argument id leads to sql injection. The attack can be initiated...

CVE-2024-5379 JFinalCMS template cross site scripting

A vulnerability was found in JFinalCMS up to 20240111. It has been rated as problematic. This issue affects some unknown processing of the file /admin/template. The manipulation of the argument directory leads to cross site scripting. The attack may be initiated remotely. The exploit has been...

CVE-2024-5378 SourceCodester School Intramurals Student Attendance Management System manage_sy.php sql injection

A vulnerability was found in SourceCodester School Intramurals Student Attendance Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /manage_sy.php. The manipulation of the argument id leads to sql injection. The attack can be initiated...

CVE-2024-5376

A vulnerability was found in Kashipara College Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file view_each_faculty.php. The manipulation of the argument id leads to cross site scripting. The attack may be launched remotely. The...

CVE-2024-5377

A vulnerability was found in SourceCodester Vehicle Management System 1.0. It has been classified as critical. This affects an unknown part of the file /newvehicle.php. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit...

CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5

CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...

CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5

CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...

CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5

CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...

CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5

CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: tomcat, ip-masq-agent, gitness, git-lfs, kubewatch, argo-cd, hugo, wireguard-go, vault-csi-provider, skaffold, ollama, aactl, gitlab-shell, node-problem-detector, flux-notification-controller, gatekeeper, external-dns, cert-manager, slsa-verifier,...

GHSA-2C7C-3MJ9-8FQH vulnerabilities

Vulnerabilities for packages: argo-cd, terragrunt, kubescape, cloudflared, gitsign, aactl, cosign, kyverno, fulcio, tekton-chains, cert-manager, slsa-verifier, oauth2-proxy, argo-workflows, cilium-envoy, dex, keda, sops, tekton-pipelines, vault, vexctl, istio-pilot-discovery, spire-server,...

GHSA-JQ35-85CJ-FJ4P vulnerabilities

Vulnerabilities for packages: kubescape, skaffold, k3d, bom, ctop, aactl, chartmuseum, scorecard, k3s, tekton-chains, cert-manager, slsa-verifier, up, paranoia, tekton-pipelines, goreleaser, kpt, loki, falco,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: ip-masq-agent, gitness, crossplane-provider-aws, kubewatch, argo-cd, kubeadm-controlplane-controller, hugo, prometheus-beat-exporter, terraform-docs, zot, vault-csi-provider, skaffold, kustomize, flux-image-automation-controller, k3d, ollama, aactl, gitlab-shell,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: ip-masq-agent, gitness, kubewatch, argo-cd, kubeadm-controlplane-controller, go-bindata, prometheus-beat-exporter, terraform-docs, wireguard-go, nri-haproxy, vault-csi-provider, skaffold, kustomize, flux-image-automation-controller, k3d, speedtest-go, gitlab-shell,...

GHSA-7WW5-4WQC-M92C vulnerabilities

Vulnerabilities for packages: gitness, kubevela, kubescape, zot, cilium-cli, skaffold, grype, k3d, kaniko, ctop, helm, flux-helm-controller, cert-manager, newrelic-infrastructure-agent, up, tekton-pipelines, fuse-overlayfs-snapshotter, helm-push, melange, trivy, telegraf, kots, eksctl,...

CVE-2024-25620 vulnerabilities

Vulnerabilities for packages: helm-operator, chartmuseum, kubescape, zot, flux-helm-controller, helm-push, istio-operator, cert-manager, cilium-cli, kots, trivy, eksctl, flux-source-controller, k8sgpt, k9s, up,...

GHSA-R53H-JV2G-VPX6 vulnerabilities

Vulnerabilities for packages: helm-operator, chartmuseum, kubescape, zot, flux-helm-controller, helm-push, istio-operator, cert-manager, cilium-cli, kots, trivy, eksctl, flux-source-controller, k8sgpt, k9s, up,...

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: gitness, git-lfs, crossplane-provider-aws, kubewatch, argo-cd, hugo, zot, wireguard-go, vault-csi-provider, skaffold, flux-image-automation-controller, k3d, ollama, aactl, node-problem-detector, flux-notification-controller, gatekeeper, external-dns,...

CVE-2024-24557 vulnerabilities

Vulnerabilities for packages: helm-operator, docker-credential-gcr, kubevela, kubescape, policy-controller, zot, gitlab-runner, skaffold, gitsign, crane, bom, ctop, aactl, cosign, skopeo, scorecard, k3s, istio-pilot-agent, filebeat, helm, flux-helm-controller, kubeflow-katib, kyverno,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: ip-masq-agent, gitness, crossplane-provider-aws, kubewatch, argo-cd, kubeadm-controlplane-controller, hugo, prometheus-beat-exporter, terraform-docs, zot, vault-csi-provider, skaffold, kustomize, flux-image-automation-controller, k3d, ollama, aactl, gitlab-shell,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: ip-masq-agent, gitness, kubewatch, argo-cd, kubeadm-controlplane-controller, go-bindata, prometheus-beat-exporter, terraform-docs, wireguard-go, nri-haproxy, vault-csi-provider, skaffold, kustomize, flux-image-automation-controller, k3d, speedtest-go, gitlab-shell,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: ip-masq-agent, gitness, kubewatch, argo-cd, kubeadm-controlplane-controller, go-bindata, prometheus-beat-exporter, terraform-docs, wireguard-go, nri-haproxy, vault-csi-provider, skaffold, kustomize, flux-image-automation-controller, k3d, speedtest-go, gitlab-shell,...

CVE-2023-45142 vulnerabilities

Vulnerabilities for packages: keda, kubevela, k3s, caddy, gitlab-kas, thanos, prometheus-adapter, gatekeeper, prometheus, cert-manager, ipfs, calico, up,...

GHSA-RCJV-MGP8-QVMR vulnerabilities

Vulnerabilities for packages: keda, kubevela, k3s, caddy, gitlab-kas, thanos, prometheus-adapter, gatekeeper, prometheus, cert-manager, ipfs, calico, up,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: crossplane-provider-aws, kubeadm-controlplane-controller, prometheus-beat-exporter, terraform-docs, nri-haproxy, skaffold, kustomize, filebeat, nri-kafka, cluster-proportional-autoscaler, src, argo-workflows, src-fingerprint, nri-postgresql, atlantis, buildkitd, fq,...

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: ip-masq-agent, gitness, git-lfs, crossplane-provider-aws, kubewatch, terraform-docs, go-bindata, prometheus-beat-exporter, zot, wireguard-go, skaffold, kustomize, crane, k3d, nvidia-container-toolkit, aactl, local-static-provisioner, glab,...

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: ip-masq-agent, gitness, git-lfs, crossplane-provider-aws, kubewatch, terraform-docs, go-bindata, prometheus-beat-exporter, zot, wireguard-go, skaffold, kustomize, crane, k3d, nvidia-container-toolkit, aactl, local-static-provisioner, glab,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: ip-masq-agent, go-bindata, gobuster, gops, smarter-device-manager, k3d, kubernetes-dashboard-metrics-scraper, mage, ctop, gitlab-logger, gosu, aactl, aws-flb-cloudwatch, petname, scorecard, gke-gcloud-auth-plugin, sbom-scorecard, slsa-verifier, aws-flb-firehose, nats,....

CVE-2023-48795 vulnerabilities

Vulnerabilities for packages: gitness, git-lfs, crossplane-provider-aws, kubewatch, argo-cd, terraform-docs, hugo, zot, wireguard-go, vault-csi-provider, flux-image-automation-controller, k3d, ollama, aactl, gitlab-shell, node-problem-detector, gatekeeper, external-dns, cert-manager,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: crossplane-provider-aws, kubeadm-controlplane-controller, prometheus-beat-exporter, terraform-docs, nri-haproxy, skaffold, kustomize, filebeat, nri-kafka, cluster-proportional-autoscaler, src, argo-workflows, src-fingerprint, nri-postgresql, atlantis, buildkitd, fq,...

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: ip-masq-agent, gitness, git-lfs, crossplane-provider-aws, kubewatch, terraform-docs, go-bindata, prometheus-beat-exporter, zot, wireguard-go, skaffold, kustomize, crane, k3d, nvidia-container-toolkit, aactl, local-static-provisioner, glab,...

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: gitness, git-lfs, crossplane-provider-aws, kubewatch, argo-cd, hugo, zot, wireguard-go, vault-csi-provider, skaffold, flux-image-automation-controller, k3d, ollama, aactl, gitlab-shell, node-problem-detector, flux-notification-controller, gatekeeper, external-dns,...

GHSA-C5Q2-7R4C-MV6G vulnerabilities

Vulnerabilities for packages: rabbitmq-messaging-topology-operator, grafana, argo-cd, terragrunt, kubescape, policy-controller, zot, ko, cilium, grpc-health-probe, cloudflared, skaffold, gitsign, aactl, cosign, skopeo, bank-vaults, istio-pilot-agent, kyverno, fulcio, tekton-chains, cert-manager,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: ip-masq-agent, gitness, kubewatch, argo-cd, kubeadm-controlplane-controller, go-bindata, prometheus-beat-exporter, terraform-docs, wireguard-go, nri-haproxy, vault-csi-provider, skaffold, kustomize, flux-image-automation-controller, k3d, speedtest-go, gitlab-shell,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: ip-masq-agent, gitness, kubewatch, argo-cd, kubeadm-controlplane-controller, go-bindata, prometheus-beat-exporter, terraform-docs, wireguard-go, nri-haproxy, vault-csi-provider, skaffold, kustomize, flux-image-automation-controller, k3d, speedtest-go, gitlab-shell,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: ip-masq-agent, gitness, kubewatch, argo-cd, kubeadm-controlplane-controller, go-bindata, prometheus-beat-exporter, terraform-docs, wireguard-go, nri-haproxy, vault-csi-provider, skaffold, kustomize, flux-image-automation-controller, k3d, speedtest-go, gitlab-shell,...

GHSA-8PGV-569H-W5RW vulnerabilities

Vulnerabilities for packages: aws-ebs-csi-driver, temporal, keda, kubevela, argo-cd, k3s, kubescape, kyverno, docker-compose, kubernetes-csi-external-resizer, cert-manager, temporal-server, kine, cri-tools, envoy-ratelimit, containerd,...

CVE-2023-47108 vulnerabilities

Vulnerabilities for packages: aws-ebs-csi-driver, temporal, keda, kubevela, argo-cd, k3s, kubescape, kyverno, docker-compose, kubernetes-csi-external-resizer, cert-manager, temporal-server, kine, cri-tools, envoy-ratelimit, containerd,...

CVE-2024-26147 vulnerabilities

Vulnerabilities for packages: helm-operator, chartmuseum, kubescape, zot, flux-helm-controller, helm-push, istio-operator, cert-manager, cilium-cli, kots, trivy, eksctl, flux-source-controller, k8sgpt, k9s, up,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: ip-masq-agent, gitness, kubewatch, argo-cd, kubeadm-controlplane-controller, go-bindata, prometheus-beat-exporter, terraform-docs, wireguard-go, nri-haproxy, vault-csi-provider, skaffold, kustomize, flux-image-automation-controller, k3d, speedtest-go, gitlab-shell,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: ip-masq-agent, gitness, kubewatch, argo-cd, kubeadm-controlplane-controller, go-bindata, prometheus-beat-exporter, terraform-docs, wireguard-go, nri-haproxy, vault-csi-provider, skaffold, kustomize, flux-image-automation-controller, k3d, speedtest-go, gitlab-shell,...

GHSA-V53G-5GJP-272R vulnerabilities

Vulnerabilities for packages: helm-operator, chartmuseum, kubescape, zot, flux-helm-controller, helm-push, istio-operator, cert-manager, cilium-cli, kots, trivy, eksctl, flux-source-controller, k8sgpt, k9s, up,...

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: ip-masq-agent, go-bindata, gobuster, gops, smarter-device-manager, k3d, kubernetes-dashboard-metrics-scraper, mage, ctop, gitlab-logger, gosu, aactl, aws-flb-cloudwatch, petname, scorecard, gke-gcloud-auth-plugin, sbom-scorecard, slsa-verifier, aws-flb-firehose, nats,....

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: ip-masq-agent, go-bindata, gobuster, gops, smarter-device-manager, k3d, kubernetes-dashboard-metrics-scraper, mage, ctop, gitlab-logger, gosu, aactl, aws-flb-cloudwatch, petname, scorecard, gke-gcloud-auth-plugin, sbom-scorecard, slsa-verifier, aws-flb-firehose, nats,....

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: gitness, git-lfs, crossplane-provider-aws, kubewatch, argo-cd, hugo, zot, wireguard-go, vault-csi-provider, skaffold, flux-image-automation-controller, k3d, ollama, aactl, gitlab-shell, node-problem-detector, flux-notification-controller, gatekeeper, external-dns,...

GHSA-2WRH-6PVC-2JM9 vulnerabilities

Vulnerabilities for packages: gitness, git-lfs, crossplane-provider-aws, kubewatch, argo-cd, hugo, zot, wireguard-go, vault-csi-provider, skaffold, flux-image-automation-controller, k3d, ollama, aactl, node-problem-detector, flux-notification-controller, gatekeeper, external-dns,...

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: tomcat, ip-masq-agent, gitness, git-lfs, kubewatch, argo-cd, hugo, wireguard-go, vault-csi-provider, skaffold, ollama, aactl, gitlab-shell, node-problem-detector, flux-notification-controller, gatekeeper, external-dns, cert-manager, slsa-verifier,...

GHSA-45X7-PX36-X8W8 vulnerabilities

Vulnerabilities for packages: gitness, git-lfs, crossplane-provider-aws, kubewatch, argo-cd, terraform-docs, hugo, zot, wireguard-go, vault-csi-provider, flux-image-automation-controller, k3d, ollama, aactl, gitlab-shell, node-problem-detector, gatekeeper, external-dns, cert-manager,...

CVE-2024-28180 vulnerabilities

Vulnerabilities for packages: rabbitmq-messaging-topology-operator, grafana, argo-cd, terragrunt, kubescape, policy-controller, zot, ko, cilium, grpc-health-probe, cloudflared, skaffold, gitsign, aactl, cosign, skopeo, bank-vaults, istio-pilot-agent, kyverno, fulcio, tekton-chains, cert-manager,...