GHSA-CG3Q-J54F-5P7P vulnerabilities
Vulnerabilities for packages: dynamic-localpv-provisioner, eks-distro-coredns,...
7.3 AI Score
7.8 CVSS
8 AI Score
0.0004 EPSS
GHSA-69CG-P879-7622 vulnerabilities
Vulnerabilities for packages: kube-state-metrics, dynamic-localpv-provisioner, seldon-core-operator, grpcurl, hey, wireguard-go, py3-seldon-core, k3d, eks-distro-coredns,...
7.3 AI Score
GHSA-PXHW-596R-RWQ5 vulnerabilities
Vulnerabilities for packages: calico, kubernetes-dns-node-cache, local-static-provisioner, nodetaint, kubernetes-csi-driver-hostpath, ip-masq-agent, cluster-autoscaler, node-feature-discovery, aws-ebs-csi-driver, kubernetes, spark-operator,...
7.5 AI Score
7.3 AI Score
7.3 AI Score
7.5 AI Score
CVE-2021-38561 vulnerabilities
Vulnerabilities for packages: dynamic-localpv-provisioner, gitleaks, vt-cli, hey, k3d,...
7.5 CVSS
7.6 AI Score
0.001 EPSS
9.1 CVSS
9.3 AI Score
0.002 EPSS
CVE-2022-27191 vulnerabilities
Vulnerabilities for packages: dynamic-localpv-provisioner, seldon-core-operator, py3-seldon-core, k3d, eks-distro-coredns,...
7.5 CVSS
10 AI Score
0.003 EPSS
6.4 CVSS
6.7 AI Score
0.0004 EPSS
4.4 CVSS
5 AI Score
0.0004 EPSS
6.1 CVSS
6.5 AI Score
0.001 EPSS
GHSA-7WW5-4WQC-M92C vulnerabilities
Vulnerabilities for packages: helm, helm-push, flux-source-controller-0.37, cert-manager-fips, zot, flux-source-controller-2.0, newrelic-infrastructure-agent, trivy, grype, kaniko, flux-helm-controller, flux-helm-controller-2.0, melange, flux-source-controller, ctop, telegraf,...
7.3 AI Score
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...
Hakuin - A Blazing Fast Blind SQL Injection Optimization And Automation Framework
Hakuin is a Blind SQL Injection (BSQLI) optimization and automation framework written in Python 3. It abstracts away the inference logic and allows users to easily and efficiently extract databases (DB) from vulnerable web applications. To speed up the process, Hakuin utilizes a variety of...
puc.fusioncharts.com Cross Site Scripting vulnerability OBB-3927952
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
ventanaamicomunidad.org Cross Site Scripting vulnerability OBB-3927950
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
ahmedandcoproperties.com Cross Site Scripting vulnerability OBB-3927949
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
directfreight.truckersearch.com Cross Site Scripting vulnerability OBB-3927948
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
fjscerecruitment.com Cross Site Scripting vulnerability OBB-3927947
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
directfreight.com Cross Site Scripting vulnerability OBB-3927946
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
games.iqcenter.am Cross Site Scripting vulnerability OBB-3927945
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
Summary The IBM Security Directory Integrator was vulnerable to multiple security vulnerabilities in the Eclipse Jetty component. This was addressed in version 10 of the IBM Security Directory Integrator. Vulnerability Details CVEID: CVE-2017-9735 DESCRIPTION: Jetty could allow a remote...
9.8 CVSS
9 AI Score
0.802 EPSS
jobs.atwork.com Cross Site Scripting vulnerability OBB-3927943
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that contains symlinks via the filesystem, Git may create hardlinks to arbitrary user-readable files on the same filesystem as the target...
5.5 CVSS
0.001 EPSS
cem-instruments.in Cross Site Scripting vulnerability OBB-3927942
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
monetizationeasy.com Cross Site Scripting vulnerability OBB-3927941
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
(RHSA-2024:2846) Moderate: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): kernel: untrusted VMM can trigger int80 syscall handling (CVE-2024-25744) kernel: netfilter: nftables: exthdr: fix 4-byte stack OOB...
0.0004 EPSS
blueribbonmillwork.ca Cross Site Scripting vulnerability OBB-3927939
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
metrolaw.ca Cross Site Scripting vulnerability OBB-3927938
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
apreco.com Cross Site Scripting vulnerability OBB-3927937
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
Security Advisory Description CVE-2024-21054 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network...
4.9 CVSS
0.001 EPSS
Security Vulnerabilities fixed in Thunderbird 115.11 — Mozilla
A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by...
K000139594 : libxml2 vulnerability CVE-2022-40304
Security Advisory Description An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked. (CVE-2022-40304). Impact This vulnerability allows a...
7.8 CVSS
0.001 EPSS
Security Advisory Description CVE-2024-21049 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols...
4.9 CVSS
0.0004 EPSS
K000139616 : MySQL vulnerability CVE-2024-21051
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...
4.9 CVSS
0.0004 EPSS
K000139615 : Node.js vulnerability CVE-2024-27982
Security Advisory Description The team has identified a critical vulnerability in the http server of the most recent version of Node, where malformed headers can lead to HTTP request smuggling. Specifically, if a space is placed before a content-length header, it is not interpreted correctly,...
6.5 CVSS
0.0004 EPSS
Git is a revision control system. The Git project recommends to avoid working in untrusted repositories, and instead to clone it first with git clone --no-local to obtain a clean copy. Git has specific protections to make that a safe operation even with an untrusted source repository, but...
8.1 CVSS
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 This reverts drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap. The basic problem here is that after the move the old location is simply not...
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to...
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: io_uring: drop any code related to SCM_RIGHTS This is dead code after we dropped support for passing io_uring fds over SCM_RIGHTS, get rid of...
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: usb: aqc111: check packet for fixup for true limit If a device sends a packet that is in between 0 and sizeof(u64) the value passed to skb_trim() as length will wrap around ending up as some very large value. The driver will then...
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: io_uring/af_unix: disable sending io_uring over sockets File reference cycles have caused lots of problems for io_uring in the past, and it still doesn't work exactly right and races with unix_stream_read_generic(). The safest fix....
0.0004 EPSS
megafoni.kulma.net Cross Site Scripting vulnerability OBB-3927935
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
app.jobmatchprofile.com Cross Site Scripting vulnerability OBB-3927934
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...