CVE-2023-49568 vulnerabilities
Vulnerabilities for packages: nuclei, gitness, flux-kustomize-controller, zot, kots, bom, goreleaser, gitsign, scorecard, tekton-pipelines, pulumi-kubernetes-operator, pulumi-language-yaml, pulumi, src-fingerprint, argo-cd, go-licenses, pulumi-language-dotnet, pulumi-language-java, kubevela,...
CVSS: 7.5
AI Score: 8.9
EPSS: 0.0005
AI Score: 7.5
AI Score: 7.3
CVSS: 8.3
AI Score: 8.5
EPSS: 0.001
GHSA-9763-4F94-GFCH vulnerabilities
Vulnerabilities for packages: falcoctl-fips, flux-kustomize-controller-2.0, flux-notification-controller-2.0, wolfictl, goreleaser, actions-runner-controller, flux-source-controller-0.37, flux-kustomize-controller, zot, flux-source-controller-2.0, crossplane-provider-aws, tkn, sops, zarf, keda,...
AI Score: 7.3
GHSA-PPP9-7JFF-5VJ2 vulnerabilities
Vulnerabilities for packages: dynamic-localpv-provisioner, gitleaks, vt-cli, hey, k3d,...
AI Score: 7.3
AI Score: 7.5
CVE-2024-24788 vulnerabilities
Vulnerabilities for packages: clusterctl, vault-k8s, kubernetes-dns-node-cache, ipfs, src, gitlab-pages, flux-kustomize-controller, crossplane-provider-azure, prometheus-bind-exporter, hcloud, ko, tekton-chains, gitlab-runner, go, scorecard, croc, ip-masq-agent, skaffold, gostatsd, pombump, k3d,...
AI Score: 6.8
EPSS: 0.0004
CVSS: 5.5
AI Score: 7.1
EPSS: 0.0004
CVSS: 5.5
AI Score: 7.1
EPSS: 0.0004
GHSA-CG3Q-J54F-5P7P vulnerabilities
Vulnerabilities for packages: dynamic-localpv-provisioner, eks-distro-coredns,...
AI Score: 7.3
CVSS: 7.8
AI Score: 8
EPSS: 0.0004
GHSA-PXHW-596R-RWQ5 vulnerabilities
Vulnerabilities for packages: calico, kubernetes-dns-node-cache, local-static-provisioner, nodetaint, kubernetes-csi-driver-hostpath, ip-masq-agent, cluster-autoscaler, node-feature-discovery, aws-ebs-csi-driver, kubernetes, spark-operator,...
AI Score: 7.5
AI Score: 7.3
AI Score: 7.3
GHSA-7WW5-4WQC-M92C vulnerabilities
Vulnerabilities for packages: helm, helm-push, flux-source-controller-0.37, cert-manager-fips, zot, flux-source-controller-2.0, newrelic-infrastructure-agent, trivy, grype, kaniko, flux-helm-controller, flux-helm-controller-2.0, melange, flux-source-controller, ctop, telegraf,...
AI Score: 7.3
AI Score: 7.3
CVSS: 5.5
AI Score: 7.1
EPSS: 0.0004
GHSA-69CG-P879-7622 vulnerabilities
Vulnerabilities for packages: kube-state-metrics, dynamic-localpv-provisioner, seldon-core-operator, grpcurl, hey, wireguard-go, py3-seldon-core, k3d, eks-distro-coredns,...
AI Score: 7.3
CVE-2024-28250 vulnerabilities
Vulnerabilities for packages: hubble-ui-backend-fips, hubble-ui,...
CVSS: 6.1
AI Score: 6.4
EPSS: 0.0004
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...
Hakuin - A Blazing Fast Blind SQL Injection Optimization And Automation Framework
Hakuin is a Blind SQL Injection (BSQLI) optimization and automation framework written in Python 3. It abstracts away the inference logic and allows users to easily and efficiently extract databases (DB) from vulnerable web applications. To speed up the process, Hakuin utilizes a variety of...
puc.fusioncharts.com Cross Site Scripting vulnerability OBB-3927952
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
ventanaamicomunidad.org Cross Site Scripting vulnerability OBB-3927950
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
ahmedandcoproperties.com Cross Site Scripting vulnerability OBB-3927949
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
directfreight.truckersearch.com Cross Site Scripting vulnerability OBB-3927948
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
fjscerecruitment.com Cross Site Scripting vulnerability OBB-3927947
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
directfreight.com Cross Site Scripting vulnerability OBB-3927946
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
games.iqcenter.am Cross Site Scripting vulnerability OBB-3927945
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
jobs.atwork.com Cross Site Scripting vulnerability OBB-3927943
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source repository is owned by a...
CVSS: 3.9
cem-instruments.in Cross Site Scripting vulnerability OBB-3927942
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
monetizationeasy.com Cross Site Scripting vulnerability OBB-3927941
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
(RHSA-2024:2846) Moderate: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): kernel: untrusted VMM can trigger int80 syscall handling (CVE-2024-25744) kernel: netfilter: nftables: exthdr: fix 4-byte stack OOB...
EPSS: 0.0004
blueribbonmillwork.ca Cross Site Scripting vulnerability OBB-3927939
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
apreco.com Cross Site Scripting vulnerability OBB-3927937
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
Security Advisory Description CVE-2024-21054 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network...
CVSS: 4.9
EPSS: 0.001
Security Advisory Description CVE-2024-21049 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols...
CVSS: 4.9
EPSS: 0.0004
K000139594 : libxml2 vulnerability CVE-2022-40304
Security Advisory Description An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked. (CVE-2022-40304). Impact This vulnerability allows a...
CVSS: 7.8
EPSS: 0.001
K000139615 : Node.js vulnerability CVE-2024-27982
Security Advisory Description The team has identified a critical vulnerability in the http server of the most recent version of Node, where malformed headers can lead to HTTP request smuggling. Specifically, if a space is placed before a content-length header, it is not interpreted correctly,...
CVSS: 6.5
EPSS: 0.0004
K000139616 : MySQL vulnerability CVE-2024-21051
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...
CVSS: 4.9
EPSS: 0.0004
Git is a revision control system. The Git project recommends to avoid working in untrusted repositories, and instead to clone it first with git clone --no-local to obtain a clean copy. Git has specific protections to make that a safe operation even with an untrusted source repository, but...
CVSS: 8.1
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, an attacker can prepare a local repository in such a way that, when cloned, will execute arbitrary code during the operation. The problem has been patched in versions 2.45.1, 2.44.1,...
CVSS: 8.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 This reverts drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap. The basic problem here is that after the move the old location is simply not...
EPSS: 0.0004
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout There is a race condition between l2cap_chan_timeout() and l2cap_chan_del(). When we use l2cap_chan_del() to delete the channel, the chan->conn will be set to null. But....
EPSS: 0.0004
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is releasing, timeout_work will be scheduled to judge whether the sco disconnection is timeout. The sock....
EPSS: 0.0004
In the Linux kernel, the following vulnerability has been resolved: net: gtp: Fix Use-After-Free in gtp_dellink Since call_rcu, which is called in the hlist_for_each_entry_rcu traversal of gtp_dellink, is not part of the RCU read critical section, it is possible that the RCU grace period will pass....
EPSS: 0.0004
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovs_ct_exit Since kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal of ovs_ct_limit_exit, is not part of the RCU read critical section, it is possible that the RCU grace...
EPSS: 0.0004
In the Linux kernel, the following vulnerability has been resolved: io_uring: drop any code related to SCM_RIGHTS This is dead code after we dropped support for passing io_uring fds over SCM_RIGHTS, get rid of...
EPSS: 0.0004