GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: osv-scanner, flux-helm-controller, tkn, kyverno-policy-reporter-kyverno-plugin, goreleaser, gh, restic, atlantis, terraform-provider-azurerm, nats, ollama, prometheus-node-exporter, trivy, cri-tools, cilium, envoy-ratelimit, kube-bench, rekor, thanos-operator,...
7.5AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: tailscale, delve, flux-helm-controller, vt-cli, kyverno-policy-reporter-kyverno-plugin, pombump, goreleaser, helm-push, s5cmd, gh, gops, nats, prometheus-node-exporter, fq, cri-tools, envoy-ratelimit, kube-bench, nats-server, thanos-operator, go-md2man, cue,...
7.7AI Score
0.0004EPSS
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, dgraph, gobuster, goreleaser, helm-push, docker-credential-ecr-login, cilium-envoy, prometheus-bind-exporter, sops, vertical-pod-autoscaler, gops, nats, nsc, kind, aws-flb-firehose, go-bindata, grpcurl, go-md2man, metrics-server, oras, cortex,...
7.5CVSS
7.9AI Score
0.001EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: tailscale, delve, flux-helm-controller, vt-cli, kyverno-policy-reporter-kyverno-plugin, pombump, goreleaser, helm-push, s5cmd, gh, gops, nats, prometheus-node-exporter, fq, cri-tools, envoy-ratelimit, kube-bench, nats-server, thanos-operator, go-md2man, cue,...
7.5AI Score
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: tailscale, delve, flux-helm-controller, vt-cli, kyverno-policy-reporter-kyverno-plugin, pombump, goreleaser, helm-push, s5cmd, gh, gops, nats, prometheus-node-exporter, fq, cri-tools, envoy-ratelimit, kube-bench, nats-server, thanos-operator, go-md2man, cue,...
7.7AI Score
0.0004EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: osv-scanner, flux-helm-controller, tkn, kyverno-policy-reporter-kyverno-plugin, goreleaser, gh, restic, atlantis, terraform-provider-azurerm, nats, ollama, prometheus-node-exporter, trivy, cri-tools, cilium, envoy-ratelimit, kube-bench, rekor, thanos-operator,...
6.3AI Score
0.0004EPSS
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: tkn, restic, atlantis, terraform-provider-azurerm, ollama, prometheus-node-exporter, fq, kube-bench, crossplane-provider-aws, multus-cni, bazelisk, nri-postgresql, vault-k8s, tigera-operator, harbor, temporal-server, prometheus-stackdriver-exporter, sbom-scorecard,...
6.2AI Score
0.0004EPSS
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: tkn, restic, atlantis, terraform-provider-azurerm, ollama, prometheus-node-exporter, fq, kube-bench, crossplane-provider-aws, multus-cni, bazelisk, nri-postgresql, vault-k8s, tigera-operator, harbor, temporal-server, prometheus-stackdriver-exporter, sbom-scorecard,...
7.5AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: tailscale, delve, flux-helm-controller, vt-cli, kyverno-policy-reporter-kyverno-plugin, pombump, goreleaser, helm-push, s5cmd, gh, gops, nats, prometheus-node-exporter, fq, cri-tools, envoy-ratelimit, kube-bench, nats-server, thanos-operator, go-md2man, cue,...
7.5AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: tailscale, delve, flux-helm-controller, vt-cli, kyverno-policy-reporter-kyverno-plugin, pombump, goreleaser, helm-push, s5cmd, gh, gops, nats, prometheus-node-exporter, fq, cri-tools, envoy-ratelimit, kube-bench, nats-server, thanos-operator, go-md2man, cue,...
7.5AI Score
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: tailscale, delve, flux-helm-controller, vt-cli, kyverno-policy-reporter-kyverno-plugin, pombump, goreleaser, helm-push, s5cmd, gh, gops, nats, prometheus-node-exporter, fq, cri-tools, envoy-ratelimit, kube-bench, nats-server, thanos-operator, go-md2man, cue,...
7.5AI Score
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: tailscale, delve, flux-helm-controller, vt-cli, kyverno-policy-reporter-kyverno-plugin, pombump, goreleaser, helm-push, s5cmd, gh, gops, nats, prometheus-node-exporter, fq, cri-tools, envoy-ratelimit, kube-bench, nats-server, thanos-operator, go-md2man, cue,...
7.7AI Score
0.0004EPSS
CVE-2023-39326 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, dgraph, gobuster, goreleaser, helm-push, docker-credential-ecr-login, cilium-envoy, prometheus-bind-exporter, sops, vertical-pod-autoscaler, gops, nats, nsc, kind, aws-flb-firehose, go-bindata, grpcurl, go-md2man, metrics-server, oras, cortex,...
5.3CVSS
7.2AI Score
0.001EPSS
GHSA-9F76-WG39-X86H vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, dgraph, gobuster, goreleaser, helm-push, docker-credential-ecr-login, cilium-envoy, prometheus-bind-exporter, sops, vertical-pod-autoscaler, gops, nats, nsc, kind, aws-flb-firehose, go-bindata, grpcurl, go-md2man, metrics-server, oras, cortex,...
7.5AI Score
GHSA-5F94-VHJQ-RPG8 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, dgraph, gobuster, goreleaser, helm-push, docker-credential-ecr-login, cilium-envoy, prometheus-bind-exporter, sops, vertical-pod-autoscaler, gops, nats, nsc, kind, aws-flb-firehose, go-bindata, grpcurl, go-md2man, metrics-server, oras, cortex,...
7.5AI Score
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: tailscale, delve, flux-helm-controller, vt-cli, kyverno-policy-reporter-kyverno-plugin, pombump, goreleaser, helm-push, s5cmd, gh, gops, nats, prometheus-node-exporter, fq, cri-tools, envoy-ratelimit, kube-bench, nats-server, thanos-operator, go-md2man, cue,...
7.5AI Score
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: tailscale, delve, flux-helm-controller, vt-cli, kyverno-policy-reporter-kyverno-plugin, pombump, goreleaser, helm-push, s5cmd, gh, gops, nats, prometheus-node-exporter, fq, cri-tools, envoy-ratelimit, kube-bench, nats-server, thanos-operator, go-md2man, cue,...
7.7AI Score
0.0004EPSS
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: tailscale, delve, flux-helm-controller, vt-cli, kyverno-policy-reporter-kyverno-plugin, pombump, goreleaser, helm-push, s5cmd, gh, gops, nats, prometheus-node-exporter, fq, cri-tools, envoy-ratelimit, kube-bench, nats-server, thanos-operator, go-md2man, cue,...
7.7AI Score
0.0004EPSS
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, scorecard, cortex, kyverno, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, atlantis, kubernetes-csi-external-resizer, cluster-autoscaler-fips,...
7.3AI Score
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, gcsfuse, cortex, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, cni-plugins-fips,...
7.5AI Score
0.0004EPSS
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, gcsfuse, cortex, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, cni-plugins-fips,...
7.3AI Score
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, gcsfuse, cortex, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, cni-plugins-fips,...
7.5AI Score
0.0004EPSS
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: scorecard, cortex, kyverno, protoc-gen-go-grpc, k3d, smarter-device-manager, go-licenses, kubernetes-csi-livenessprobe, cni-plugins-fips, tigera-operator, kubernetes-csi-external-resizer, cluster-autoscaler-fips, gke-gcloud-auth-plugin, calico-fips, goreleaser, mage,.....
7.5CVSS
7.6AI Score
0.001EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, scorecard, cortex, kyverno, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, atlantis, kubernetes-csi-external-resizer, cluster-autoscaler-fips,...
5.9AI Score
0.0004EPSS
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, gcsfuse, cortex, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, cni-plugins-fips,...
7.3AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, gcsfuse, cortex, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, cni-plugins-fips,...
7.5AI Score
0.0004EPSS
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, gcsfuse, cortex, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, cni-plugins-fips,...
7.5AI Score
0.0004EPSS
GHSA-5F94-VHJQ-RPG8 vulnerabilities
Vulnerabilities for packages: scorecard, cortex, kyverno, protoc-gen-go-grpc, k3d, smarter-device-manager, go-licenses, kubernetes-csi-livenessprobe, cni-plugins-fips, tigera-operator, kubernetes-csi-external-resizer, cluster-autoscaler-fips, gke-gcloud-auth-plugin, calico-fips, goreleaser, mage,.....
7.3AI Score
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: newrelic-nri-statsd, prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, cortex, kyverno, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, atlantis,...
5.8AI Score
0.0004EPSS
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: newrelic-nri-statsd, prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, cortex, kyverno, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, atlantis,...
7.3AI Score
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, gcsfuse, cortex, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, cni-plugins-fips,...
7.3AI Score
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, gcsfuse, cortex, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, cni-plugins-fips,...
7.5AI Score
0.0004EPSS
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, gcsfuse, cortex, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, cni-plugins-fips,...
7.3AI Score
CVE-2023-39326 vulnerabilities
Vulnerabilities for packages: scorecard, cortex, kyverno, protoc-gen-go-grpc, k3d, smarter-device-manager, go-licenses, kubernetes-csi-livenessprobe, cni-plugins-fips, tigera-operator, kubernetes-csi-external-resizer, cluster-autoscaler-fips, gke-gcloud-auth-plugin, calico-fips, goreleaser, mage,.....
5.3CVSS
6.8AI Score
0.001EPSS
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, gcsfuse, cortex, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, cni-plugins-fips,...
7.3AI Score
GHSA-9F76-WG39-X86H vulnerabilities
Vulnerabilities for packages: scorecard, cortex, kyverno, protoc-gen-go-grpc, k3d, smarter-device-manager, go-licenses, kubernetes-csi-livenessprobe, cni-plugins-fips, tigera-operator, kubernetes-csi-external-resizer, cluster-autoscaler-fips, gke-gcloud-auth-plugin, calico-fips, goreleaser, mage,.....
7.3AI Score
(RHSA-2024:2758) Moderate: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) CVE-2024-25743 hw: amd: Instruction raise #VC exception at exit...
6.5CVSS
6.8AI Score
0.001EPSS
A flaw was found in some AMD Hardware due to a code bug in the Secure_TSC, SEV firmware. This flaw allows an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is enabled, potentially resulting in a loss of guest integrity. Mitigation Mitigation for this...
7AI Score
0.0004EPSS
A flaw was found in some AMD CPUs where the guest message responses have not been zero-initialized. This issue may allow a local attacker with the ability to run arbitrary code on a container or virtual machine to discover sensitive information contained in the host system's memory. Mitigation...
7AI Score
0.0004EPSS
Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query (CVE-2022-38096) kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event's read_size...
7.8CVSS
8.5AI Score
0.001EPSS
kernel security, bug fix, and enhancement update
An update is available for kernel. This update affects Rocky Linux SIG Cloud 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux....
7.8CVSS
8.7AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix memory leak when using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. Fix this up by properly calling...
7.3AI Score
0.0004EPSS
Apache Commons BCEL: Remote Code Execution
Background The Byte Code Engineering Library (Apache Commons BCEL™) is intended to give users a convenient way to analyze, create, and manipulate (binary) Java class files (those ending with .class). Description A vulnerability has been discovered in U-Boot tools. Please review the CVE identifier.....
9.8CVSS
7.4AI Score
0.032EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix memory leak when using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. Fix this up by properly calling...
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix memory leak when using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. Fix this up by properly calling...
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix memory leak when using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. Fix this up by properly calling...
7.4AI Score
0.0004EPSS
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them...
7.1AI Score
0.0004EPSS
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. On Armv8.0 cores, there are certain combinations of the...
7.2AI Score
0.0004EPSS
Use After Free vulnerability in Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory. This.....
7.1AI Score
0.0004EPSS
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affecting Tivoli Netcool/OMNIbus.
Summary Multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by Tivoli Netcool/OMNIbus running on Solaris. Vulnerability Details ** CVEID: CVE-2022-40609 DESCRIPTION: **IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote...
9.8CVSS
8.8AI Score
0.003EPSS