'Skylark' App For IOS Security Vulnerabilities

lisinopriltabs.com Cross Site Scripting vulnerability OBB-3927641

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

demonstrations.wolfram.com Cross Site Scripting vulnerability OBB-3927640

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Exploit for Code Injection in Crushftp

CVE-2024-4040 PoC Python exploit for CVE-2024-4040...

mpmoil.com Cross Site Scripting vulnerability OBB-3927639

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Security Bulletin: IBM HTTP Server (powered by Apache) for IBM i is vulnerable to a denial of service attack using HTTP/2 protocol. [CVE-2023-44487]

Summary IBM HTTP Server (powered by Apache) used by IBM i is vulnerable to a denial of service attack due to mishandling of multiplexed streams in HTTP/2 protocol as described in the vulnerability details section. This bulletin identifies the steps to take to address the vulnerability as described....

CVE-2024-4840

An flaw was found in the OpenStack Platform (RHOSP) director, a toolset for installing and managing a complete RHOSP environment. Plaintext passwords may be stored in log files, which can expose sensitive information to anyone with access to the...

reservar.vayacamping.net Cross Site Scripting vulnerability OBB-3927638

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Internal Emails Reveal How a Controversial Gun-Detection AI System Found Its Way to NYC

NYC mayor Eric Adams wants to test Evolv’s gun-detection tech in subway stations—despite the company saying it’s not designed for that environment. Emails obtained by WIRED show how the company still found an...

sgrh.com Cross Site Scripting vulnerability OBB-3927635

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

premiumdata.net Cross Site Scripting vulnerability OBB-3927634

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

jeu-de-puzzle.net Cross Site Scripting vulnerability OBB-3927632

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

matrix-rust-sdk contains a log exposure of private key of the server-side key backup

Introduction In Matrix, the server-side key backup stores encrypted copies of Matrix message keys. This facilitates key sharing between a user's devices and provides a redundant copy in case all devices are lost. The key backup uses asymmetric cryptography, with each server-side key backup...

matrix-rust-sdk contains a log exposure of private key of the server-side key backup

Introduction In Matrix, the server-side key backup stores encrypted copies of Matrix message keys. This facilitates key sharing between a user's devices and provides a redundant copy in case all devices are lost. The key backup uses asymmetric cryptography, with each server-side key backup...

beckerdesign.net Cross Site Scripting vulnerability OBB-3927631

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

gourmetaway.net Cross Site Scripting vulnerability OBB-3927629

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: trillian, k8ssandra-operator, dockerize-fips, cni-plugins-fips, dagger, node-problem-detector, traefik-fips, kubernetes-csi-node-driver-registrar-fips, cluster-autoscaler-fips, nri-f5, flux-kustomize-controller-0.37, dgraph, wire-go, chartmuseum,...

GHSA-HQ6Q-C2X6-HMCH vulnerabilities

Vulnerabilities for packages: spark-operator, prometheus-adapter, cluster-autoscaler-fips, calico-fips, kubernetes-dns-node-cache, nodetaint, argo-cd-fips, aws-ebs-csi-driver, calico, aws-efs-csi-driver-fips, cluster-autoscaler, aws-efs-csi-driver,...

CVE-2023-39323 vulnerabilities

Vulnerabilities for packages: smarter-device-manager-fips, kind, metrics-server, configmap-reload-fips,...

GHSA-JHWX-MHWW-RGC3 vulnerabilities

Vulnerabilities for packages: argo-cd-fips,...

CVE-2024-3817 vulnerabilities

Vulnerabilities for packages: zot, conftest, terraform, tfsec, conftest-fips, kubescape, terraform-fips, opentofu, k9s, zarf,...

CVE-2019-11255 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-external-provisioner,...

CVE-2022-29526 vulnerabilities

Vulnerabilities for packages: grpcurl, dynamic-localpv-provisioner, eks-distro-coredns, k3d, kind, dynamic-localpv-provisioner-fips,...

GHSA-69CH-W2M2-3VJP vulnerabilities

Vulnerabilities for packages: grpcurl, seldon-core-operator, dynamic-localpv-provisioner, gitleaks, hey, eks-distro-coredns, k3d, py3-seldon-core, vt-cli, dynamic-localpv-provisioner-fips,...

GHSA-VVPX-J8F3-3W6H vulnerabilities

Vulnerabilities for packages: grpcurl, wireguard-go, seldon-core-operator, dynamic-localpv-provisioner, go, hey, eks-distro-coredns, falco, gke-gcloud-auth-plugin, kyverno, restic, k3d, py3-seldon-core, dynamic-localpv-provisioner-fips,...

GHSA-7F9X-GW85-8GRF vulnerabilities

Vulnerabilities for packages: istio-operator-fips, falcoctl, istio-pilot-discovery, istio-pilot-agent-fips, istio-pilot-discovery-fips, istio-operator, kyverno, kubescape, istio-pilot-agent, tekton-chains, istio-cni-fips, falcoctl-fips, cosign-fips, vexctl, gitsign, istio-cni, falco,...

CVE-2022-41723 vulnerabilities

Vulnerabilities for packages: grpcurl, wireguard-go, seldon-core-operator, dynamic-localpv-provisioner, go, hey, eks-distro-coredns, falco, gke-gcloud-auth-plugin, kyverno, restic, k3d, py3-seldon-core, dynamic-localpv-provisioner-fips,...

GHSA-MVR2-9PJ6-7W5J vulnerabilities

Vulnerabilities for packages:...

GHSA-2C7C-3MJ9-8FQH vulnerabilities

Vulnerabilities for packages: timestamp-authority-fips, vault-fips, tekton-pipelines, istio-pilot-discovery, istio-pilot-discovery-fips, spire-server-fips, cloudflared, flux-kustomize-controller, kubescape, kyverno, spire-server, vexctl, falco, tkn, flux-source-controller, cosign, rekor,...

CVE-2024-28122 vulnerabilities

Vulnerabilities for packages: mc-fips, mc, falcoctl, istio-pilot-discovery, istio-pilot-discovery-fips, spire-server-fips, kyverno, external-secrets-fips, spire-server, falco, istio-operator-fips, istio-pilot-agent, istio-cni-fips, falcoctl-fips, boring-registry-fips, istio-pilot-agent-fips,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: go-ipfs-fips, trillian, istio-pilot-discovery, k8ssandra-operator, dagger, node-problem-detector, traefik-fips, kubernetes-csi-node-driver-registrar-fips, cluster-autoscaler-fips, influxd, flux-kustomize-controller-0.37, gpu-operator, dgraph, chartmuseum,...

GHSA-G623-JCGG-MHMM vulnerabilities

Vulnerabilities for packages: argo-cd-fips,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: trillian, k8ssandra-operator, dockerize-fips, cni-plugins-fips, dagger, node-problem-detector, traefik-fips, kubernetes-csi-node-driver-registrar-fips, cluster-autoscaler-fips, nri-f5, flux-kustomize-controller-0.37, dgraph, wire-go, chartmuseum,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: trillian, k8ssandra-operator, dockerize-fips, cni-plugins-fips, dagger, node-problem-detector, traefik-fips, kubernetes-csi-node-driver-registrar-fips, cluster-autoscaler-fips, nri-f5, flux-kustomize-controller-0.37, dgraph, wire-go, chartmuseum,...

CVE-2024-3177 vulnerabilities

Vulnerabilities for packages: spark-operator, kubernetes-csi-driver-hostpath, kubernetes, cluster-autoscaler-fips, calico-fips, kubernetes-dns-node-cache, local-static-provisioner, aws-ebs-csi-driver-fips, aws-ebs-csi-driver, calico, node-feature-discovery, nodetaint, aws-efs-csi-driver-fips,...

GHSA-Q78C-GWQW-JCMC vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, calico-fips, aws-ebs-csi-driver, calico, aws-efs-csi-driver-fips, cluster-autoscaler, argo-cd, aws-efs-csi-driver,...

CVE-2023-3955 vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, calico-fips, aws-ebs-csi-driver, calico, aws-efs-csi-driver-fips, cluster-autoscaler, argo-cd, aws-efs-csi-driver,...

GHSA-C5PJ-MQFH-RVC3 vulnerabilities

Vulnerabilities for packages: buildah, cadvisor-fips, wolfictl, newrelic-infrastructure-agent, ingress-nginx-controller-fips,...

GHSA-XJP4-HW94-MVP5 vulnerabilities

Vulnerabilities for packages: trino, cassandra-reaper-jre-bcfips,...

CVE-2024-29131 vulnerabilities

Vulnerabilities for packages: trino, cassandra-reaper-jre-bcfips,...

GHSA-679V-HH23-H5JH vulnerabilities

Vulnerabilities for packages: smarter-device-manager-fips, kind, metrics-server, configmap-reload-fips,...

CVE-2024-21664 vulnerabilities

Vulnerabilities for packages: mc, falcoctl, istio-pilot-discovery, istio-pilot-discovery-fips, spire-server-fips, kyverno, external-secrets-fips, kubescape, spire-server, vexctl, falco, istio-operator-fips, tekton-chains, istio-pilot-agent, istio-cni-fips, falcoctl-fips, cosign-fips, gitsign,...

CVE-2022-21698 vulnerabilities

Vulnerabilities for packages: dynamic-localpv-provisioner-fips, eks-distro-coredns,...

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: karpenter, external-dns, aws-load-balancer-controller-fips, prometheus, mc, prometheus-statsd-exporter-fips, trillian, aws-ebs-csi-driver, pulumi-language-dotnet, terraform, kyverno-policy-reporter-ui, istio-pilot-discovery, wavefront-collector-for-kubernetes,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: prometheus-statsd-exporter-fips, aws-ebs-csi-driver, kyverno-policy-reporter-ui, petname, helm-push, goreleaser, cni-plugins-fips, kubernetes-csi-node-driver-registrar-fips, flannel-cni-plugin, cortex, ctop, cluster-autoscaler-fips, prometheus-beat-exporter-fips,...

CVE-2023-47108 vulnerabilities

Vulnerabilities for packages: kubernetes, docker-compose, kine, temporal, envoy-ratelimit, aws-ebs-csi-driver, kubevela, kyverno, kubescape, temporal-server-fips, cri-tools, containerd, kubernetes-fips, prometheus-adapter-fips, cert-manager-fips, cluster-autoscaler-fips, kube-oidc-proxy, k3s,...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: karpenter, external-dns, prometheus, grype, mc, terraform, pulumi-language-dotnet, kyverno-policy-reporter-ui, terraform-provider-azurerm, vault-k8s-fips, tctl, prometheus-adapter, node-problem-detector, istio-envoy, cosign, external-dns-fips,...

CVE-2024-27289 vulnerabilities

Vulnerabilities for packages: caddy, kots, trillian, wavefront-collector-for-kubernetes, vault, argo-workflows, step-ca, trillian-fips, telegraf, argo-workflows-fips,...

CVE-2020-8908 vulnerabilities

Vulnerabilities for packages: trino, elasticsearch, maven,...

CVE-2024-21626 vulnerabilities

Vulnerabilities for packages: kubernetes, grype, skaffold, nvidia-device-plugin, kubescape, zarf, datadog-agent-fips, nvidia-device-plugin-fips, buildkitd, newrelic-infrastructure-agent, skopeo, syft, ctop, docker, kubernetes-fips, trivy, cadvisor, k3s, kaniko, ingress-nginx-controller, telegraf,.....

GHSA-C5Q2-7R4C-MV6G vulnerabilities

Vulnerabilities for packages: istio-pilot-discovery, cloudflared, spire-server-fips, spire-server, step, goreleaser, tkn, traefik-fips, cosign, tekton-chains, rook, istio-pilot-agent-fips, istio-operator, external-secrets-operator, grafana, cert-manager, zot, timestamp-authority, keda, step-ca,...