GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: cadvisor, external-secrets-operator, k9s, secrets-store-csi-driver-provider-gcp, policy-controller, istio-pilot-discovery, zarf, external-dns, istio-cni, kubernetes-csi-external-resizer, envoy-ratelimit, cri-tools, kpt, tctl, kyverno-policy-reporter-kyverno-plugin,...
7.5AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: cadvisor, mongo-tools, secrets-store-csi-driver-provider-gcp, external-dns, gobuster, nri-elasticsearch, nri-nagios, nri-memcached, kubernetes-csi-external-resizer, prometheus-blackbox-exporter, envoy-ratelimit, cri-tools, kpt, tctl,...
7.7AI Score
0.0004EPSS
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: external-secrets-operator, policy-controller, nri-nagios, kubernetes-csi-external-resizer, harbor, crossplane-provider-aws, ingress-nginx-controller, gatekeeper, gitlab-runner, step-ca, prometheus-alertmanager, aws-load-balancer-controller,...
6.2AI Score
0.0004EPSS
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: helm-push, go-bindata, render-template, ip-masq-agent, gke-gcloud-auth-plugin, k3d, gobuster, local-path-provisioner, prometheus-stackdriver-exporter, prometheus-bind-exporter, goreleaser, docker-cli, influx, protoc-gen-go-grpc, hey, amass, configmap-reload,...
7.5CVSS
7.9AI Score
0.001EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: cadvisor, external-secrets-operator, k9s, secrets-store-csi-driver-provider-gcp, policy-controller, istio-pilot-discovery, zarf, external-dns, istio-cni, kubernetes-csi-external-resizer, envoy-ratelimit, cri-tools, kpt, tctl, kyverno-policy-reporter-kyverno-plugin,...
6.2AI Score
0.0004EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: cadvisor, mongo-tools, secrets-store-csi-driver-provider-gcp, external-dns, gobuster, nri-elasticsearch, nri-nagios, nri-memcached, kubernetes-csi-external-resizer, prometheus-blackbox-exporter, envoy-ratelimit, cri-tools, kpt, tctl,...
7.5AI Score
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: cadvisor, mongo-tools, secrets-store-csi-driver-provider-gcp, external-dns, gobuster, nri-elasticsearch, nri-nagios, nri-memcached, kubernetes-csi-external-resizer, prometheus-blackbox-exporter, envoy-ratelimit, cri-tools, kpt, tctl,...
7.7AI Score
0.0004EPSS
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: cadvisor, mongo-tools, secrets-store-csi-driver-provider-gcp, external-dns, gobuster, nri-elasticsearch, nri-nagios, nri-memcached, kubernetes-csi-external-resizer, prometheus-blackbox-exporter, envoy-ratelimit, cri-tools, kpt, tctl,...
7.5AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: cadvisor, mongo-tools, secrets-store-csi-driver-provider-gcp, external-dns, gobuster, nri-elasticsearch, nri-nagios, nri-memcached, kubernetes-csi-external-resizer, prometheus-blackbox-exporter, envoy-ratelimit, cri-tools, kpt, tctl,...
7.5AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: external-secrets-operator, policy-controller, nri-nagios, kubernetes-csi-external-resizer, harbor, crossplane-provider-aws, ingress-nginx-controller, gatekeeper, gitlab-runner, step-ca, prometheus-alertmanager, aws-load-balancer-controller,...
7.5AI Score
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: cadvisor, mongo-tools, secrets-store-csi-driver-provider-gcp, external-dns, gobuster, nri-elasticsearch, nri-nagios, nri-memcached, kubernetes-csi-external-resizer, prometheus-blackbox-exporter, envoy-ratelimit, cri-tools, kpt, tctl,...
7.5AI Score
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: cadvisor, mongo-tools, secrets-store-csi-driver-provider-gcp, external-dns, gobuster, nri-elasticsearch, nri-nagios, nri-memcached, kubernetes-csi-external-resizer, prometheus-blackbox-exporter, envoy-ratelimit, cri-tools, kpt, tctl,...
7.7AI Score
0.0004EPSS
CVE-2023-39326 vulnerabilities
Vulnerabilities for packages: helm-push, go-bindata, render-template, ip-masq-agent, gke-gcloud-auth-plugin, k3d, gobuster, local-path-provisioner, prometheus-stackdriver-exporter, prometheus-bind-exporter, goreleaser, docker-cli, influx, protoc-gen-go-grpc, hey, amass, configmap-reload,...
5.3CVSS
7.2AI Score
0.001EPSS
GHSA-9F76-WG39-X86H vulnerabilities
Vulnerabilities for packages: helm-push, go-bindata, render-template, ip-masq-agent, gke-gcloud-auth-plugin, k3d, gobuster, local-path-provisioner, prometheus-stackdriver-exporter, prometheus-bind-exporter, goreleaser, docker-cli, influx, protoc-gen-go-grpc, hey, amass, configmap-reload,...
7.5AI Score
GHSA-5F94-VHJQ-RPG8 vulnerabilities
Vulnerabilities for packages: helm-push, go-bindata, render-template, ip-masq-agent, gke-gcloud-auth-plugin, k3d, gobuster, local-path-provisioner, prometheus-stackdriver-exporter, prometheus-bind-exporter, goreleaser, docker-cli, influx, protoc-gen-go-grpc, hey, amass, configmap-reload,...
7.5AI Score
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: cadvisor, mongo-tools, secrets-store-csi-driver-provider-gcp, external-dns, gobuster, nri-elasticsearch, nri-nagios, nri-memcached, kubernetes-csi-external-resizer, prometheus-blackbox-exporter, envoy-ratelimit, cri-tools, kpt, tctl,...
7.5AI Score
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: cadvisor, mongo-tools, secrets-store-csi-driver-provider-gcp, external-dns, gobuster, nri-elasticsearch, nri-nagios, nri-memcached, kubernetes-csi-external-resizer, prometheus-blackbox-exporter, envoy-ratelimit, cri-tools, kpt, tctl,...
7.7AI Score
0.0004EPSS
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: cadvisor, mongo-tools, secrets-store-csi-driver-provider-gcp, external-dns, gobuster, nri-elasticsearch, nri-nagios, nri-memcached, kubernetes-csi-external-resizer, prometheus-blackbox-exporter, envoy-ratelimit, cri-tools, kpt, tctl,...
7.7AI Score
0.0004EPSS
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: dagger, calico-fips, caddy, flux-kustomize-controller-2.0, seldon-core-operator, kubernetes-dashboard-metrics-scraper-fips, dynamic-localpv-provisioner, terragrunt, gatekeeper, vault-k8s-fips, gomplate, smarter-device-manager-fips, kubernetes-dashboard,...
7.3AI Score
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: dagger, calico-fips, caddy, mage, flux-kustomize-controller-2.0, kubernetes-dashboard-metrics-scraper-fips, dynamic-localpv-provisioner, mockery, gatekeeper, vault-k8s-fips, gomplate, smarter-device-manager-fips, gitlab-logger, docker-credential-acr-env,...
7.5AI Score
0.0004EPSS
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: dagger, calico-fips, caddy, mage, flux-kustomize-controller-2.0, kubernetes-dashboard-metrics-scraper-fips, dynamic-localpv-provisioner, mockery, gatekeeper, vault-k8s-fips, gomplate, smarter-device-manager-fips, gitlab-logger, docker-credential-acr-env,...
7.3AI Score
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: dagger, calico-fips, caddy, mage, flux-kustomize-controller-2.0, kubernetes-dashboard-metrics-scraper-fips, dynamic-localpv-provisioner, mockery, gatekeeper, vault-k8s-fips, gomplate, smarter-device-manager-fips, gitlab-logger, docker-credential-acr-env,...
7.5AI Score
0.0004EPSS
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: calico-fips, slsa-verifier, mage, gke-gcloud-auth-plugin, seldon-core-operator, newrelic-nri-kube-events, influx, kubernetes-csi-livenessprobe, prometheus-beat-exporter-fips, hey, nsc, local-path-provisioner, grpcurl, smarter-device-manager-fips, gitlab-logger,...
7.5CVSS
7.6AI Score
0.001EPSS
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: calico-fips, ko, caddy, mage, seldon-core-operator, node-feature-discovery, kubernetes-dashboard-metrics-scraper-fips, litestream, dynamic-localpv-provisioner, terragrunt, gatekeeper, vault-k8s-fips, gomplate, gitlab-logger, gitleaks, docker-credential-acr-env, apko,.....
5.8AI Score
0.0004EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: dagger, calico-fips, caddy, flux-kustomize-controller-2.0, seldon-core-operator, kubernetes-dashboard-metrics-scraper-fips, dynamic-localpv-provisioner, terragrunt, gatekeeper, vault-k8s-fips, gomplate, smarter-device-manager-fips, kubernetes-dashboard,...
5.8AI Score
0.0004EPSS
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: dagger, calico-fips, caddy, mage, flux-kustomize-controller-2.0, kubernetes-dashboard-metrics-scraper-fips, dynamic-localpv-provisioner, mockery, gatekeeper, vault-k8s-fips, gomplate, smarter-device-manager-fips, gitlab-logger, docker-credential-acr-env,...
7.3AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: dagger, calico-fips, caddy, mage, flux-kustomize-controller-2.0, kubernetes-dashboard-metrics-scraper-fips, dynamic-localpv-provisioner, mockery, gatekeeper, vault-k8s-fips, gomplate, smarter-device-manager-fips, gitlab-logger, docker-credential-acr-env,...
7.5AI Score
0.0004EPSS
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: dagger, calico-fips, caddy, mage, flux-kustomize-controller-2.0, kubernetes-dashboard-metrics-scraper-fips, dynamic-localpv-provisioner, mockery, gatekeeper, vault-k8s-fips, gomplate, smarter-device-manager-fips, gitlab-logger, docker-credential-acr-env,...
7.5AI Score
0.0004EPSS
GHSA-5F94-VHJQ-RPG8 vulnerabilities
Vulnerabilities for packages: calico-fips, slsa-verifier, mage, gke-gcloud-auth-plugin, seldon-core-operator, newrelic-nri-kube-events, influx, kubernetes-csi-livenessprobe, prometheus-beat-exporter-fips, hey, nsc, local-path-provisioner, grpcurl, smarter-device-manager-fips, gitlab-logger,...
7.3AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: calico-fips, ko, caddy, mage, seldon-core-operator, node-feature-discovery, kubernetes-dashboard-metrics-scraper-fips, litestream, dynamic-localpv-provisioner, terragrunt, gatekeeper, vault-k8s-fips, gomplate, gitlab-logger, gitleaks, docker-credential-acr-env, apko,.....
7.3AI Score
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: dagger, calico-fips, caddy, mage, flux-kustomize-controller-2.0, kubernetes-dashboard-metrics-scraper-fips, dynamic-localpv-provisioner, mockery, gatekeeper, vault-k8s-fips, gomplate, smarter-device-manager-fips, gitlab-logger, docker-credential-acr-env,...
7.5AI Score
0.0004EPSS
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: dagger, calico-fips, caddy, mage, flux-kustomize-controller-2.0, kubernetes-dashboard-metrics-scraper-fips, dynamic-localpv-provisioner, mockery, gatekeeper, vault-k8s-fips, gomplate, smarter-device-manager-fips, gitlab-logger, docker-credential-acr-env,...
7.3AI Score
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: dagger, calico-fips, caddy, mage, flux-kustomize-controller-2.0, kubernetes-dashboard-metrics-scraper-fips, dynamic-localpv-provisioner, mockery, gatekeeper, vault-k8s-fips, gomplate, smarter-device-manager-fips, gitlab-logger, docker-credential-acr-env,...
7.3AI Score
CVE-2023-39326 vulnerabilities
Vulnerabilities for packages: calico-fips, slsa-verifier, mage, gke-gcloud-auth-plugin, seldon-core-operator, newrelic-nri-kube-events, influx, kubernetes-csi-livenessprobe, prometheus-beat-exporter-fips, hey, nsc, local-path-provisioner, grpcurl, smarter-device-manager-fips, gitlab-logger,...
5.3CVSS
6.8AI Score
0.001EPSS
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: dagger, calico-fips, caddy, mage, flux-kustomize-controller-2.0, kubernetes-dashboard-metrics-scraper-fips, dynamic-localpv-provisioner, mockery, gatekeeper, vault-k8s-fips, gomplate, smarter-device-manager-fips, gitlab-logger, docker-credential-acr-env,...
7.3AI Score
GHSA-9F76-WG39-X86H vulnerabilities
Vulnerabilities for packages: calico-fips, slsa-verifier, mage, gke-gcloud-auth-plugin, seldon-core-operator, newrelic-nri-kube-events, influx, kubernetes-csi-livenessprobe, prometheus-beat-exporter-fips, hey, nsc, local-path-provisioner, grpcurl, smarter-device-manager-fips, gitlab-logger,...
7.3AI Score
Apache Commons BCEL: Remote Code Execution
Background The Byte Code Engineering Library (Apache Commons BCEL™) is intended to give users a convenient way to analyze, create, and manipulate (binary) Java class files (those ending with .class). Description A vulnerability has been discovered in U-Boot tools. Please review the CVE identifier.....
9.8CVSS
7.4AI Score
0.032EPSS
[SECURITY] [DLA 3808-1] intel-microcode security update
Debian LTS Advisory DLA-3808-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost May 04, 2024 https://wiki.debian.org/LTS Package : intel-microcode Version : 3.20240312.1~deb10u1 CVE...
6.5CVSS
8AI Score
0.001EPSS
JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom JavaScript payloads in clients. Changelogs Major changes are documented in the project Announcements:...
5.9AI Score
Summary There are vulnerabilities in multiple Open Source Software (OSS) components consumed by IBM Planning Analytics Workspace. These issues have been addressed in IBM Planning Analytics 2.1.2 and IBM Planning Analytics 2.0.95 by upgrading or removing the vulnerable libraries. Please refer to...
9.8CVSS
10AI Score
0.962EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix memory leak when using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. Fix this up by properly calling...
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix memory leak when using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. Fix this up by properly calling...
7.4AI Score
0.0004EPSS
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them...
7.1AI Score
0.0004EPSS
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. On Armv8.0 cores, there are certain combinations of the...
7.2AI Score
0.0004EPSS
Use After Free vulnerability in Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory. This.....
7.1AI Score
0.0004EPSS
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affecting Tivoli Netcool/OMNIbus.
Summary Multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by Tivoli Netcool/OMNIbus running on Solaris. Vulnerability Details ** CVEID: CVE-2022-40609 DESCRIPTION: **IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote...
9.8CVSS
8.8AI Score
0.003EPSS
Security Bulletin: Vulnerability in IBM Java SDK and IBM Java Runtime affects Host On-Demand
Summary There is a vulnerability in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by Host On-Demand. Host On-Demand has addressed the applicable CVE. This issue was disclosed as part of the IBM Java SDK and Runtime Environment updates in the Oracle October 2023 Critical....
5.9CVSS
5.6AI Score
0.0004EPSS
Qualys Launches MSSP Portal to Empower Managed Security Service Providers
In the words of Sun Tzu, 'In the midst of chaos, there is also opportunity.' This aptly captures the essence of today's cybersecurity landscape. Managed Security Service Providers (MSSPs) stand at the forefront, turning chaos into opportunity by securing digital assets across the entire...
7.3AI Score
Summary There are multiple vulnerabilities in IBM® SDK Java™ used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of the IBM Java SDK and Runtime Environment updates in the Oracle April 2023 Critical Patch.....
9.1CVSS
6.7AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add 'replay' NULL check in 'edp_set_replay_allow_active()' In the first if statement, we're checking if 'replay' is NULL. But in the second if statement, we're not checking if 'replay' is NULL again before calling....
7.2AI Score
0.0004EPSS