3rd Gen AMD EPYC™ Security Vulnerabilities

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: rqlite, kubevela, pulumi, temporal-ui-server, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, kaniko, sops, aactl, external-dns, doppler-kubernetes-operator, certificate-transparency, gitlab-pages, influxd, crossplane-provider-azure, flux-helm-controller,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, pulumi, temporal-ui-server, stern, bom, sops, kubernetes-ingress-defaultbackend, s5cmd, kyverno-policy-reporter, flannel-cni-plugin, bank-vaults, confluent-common-docker, secrets-store-csi-driver, containerd, timoni, tctl, fulcio, nats-server,....

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: protoc-gen-go-grpc, cni-plugins, prometheus-stackdriver-exporter, hey, go-licenses, kubernetes-dashboard-metrics-scraper, scorecard, metrics-server, sops, gitlab-logger, gke-gcloud-auth-plugin, aactl, k3d, falco, nats, flannel-cni-plugin, oras, influx, go-md2man,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: rqlite, kubevela, pulumi, temporal-ui-server, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, kaniko, sops, aactl, external-dns, doppler-kubernetes-operator, certificate-transparency, gitlab-pages, influxd, crossplane-provider-azure, flux-helm-controller,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, pulumi, temporal-ui-server, stern, bom, sops, kubernetes-ingress-defaultbackend, s5cmd, kyverno-policy-reporter, flannel-cni-plugin, bank-vaults, confluent-common-docker, secrets-store-csi-driver, containerd, timoni, tctl, fulcio, nats-server,....

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: protoc-gen-go-grpc, cni-plugins, prometheus-stackdriver-exporter, hey, go-licenses, kubernetes-dashboard-metrics-scraper, scorecard, metrics-server, sops, gitlab-logger, gke-gcloud-auth-plugin, aactl, k3d, falco, nats, flannel-cni-plugin, oras, influx, go-md2man,...

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: protoc-gen-go-grpc, cni-plugins, prometheus-stackdriver-exporter, hey, go-licenses, kubernetes-dashboard-metrics-scraper, scorecard, metrics-server, sops, gitlab-logger, gke-gcloud-auth-plugin, aactl, k3d, falco, nats, flannel-cni-plugin, oras, influx, go-md2man,...

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: protoc-gen-go-grpc, cni-plugins, prometheus-stackdriver-exporter, hey, go-licenses, kubernetes-dashboard-metrics-scraper, scorecard, metrics-server, sops, gitlab-logger, gke-gcloud-auth-plugin, aactl, k3d, falco, nats, flannel-cni-plugin, oras, influx, go-md2man,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: terraform-provider-google, k3s, temporal-server, helm, mc-fips, caddy-fips, kube-oidc-proxy, policy-controller, eks-distro-kubernetes-csi-livenessprobe, certificate-transparency, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, hubble,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, go-bindata, gobuster, kyverno, kube-logging-logging-operator, seldon-core-operator, protoc-gen-go-grpc, ctop, gke-gcloud-auth-plugin, grpcurl, render-template, amass, falco, kubernetes-csi-livenessprobe-fips, cni-plugins-fips, gitlab-logger,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: terraform-provider-google, k3s, temporal-server, helm, mc-fips, caddy-fips, kube-oidc-proxy, policy-controller, eks-distro-kubernetes-csi-livenessprobe, certificate-transparency, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, hubble,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, go-bindata, gobuster, kyverno, kube-logging-logging-operator, seldon-core-operator, protoc-gen-go-grpc, ctop, gke-gcloud-auth-plugin, grpcurl, render-template, amass, falco, kubernetes-csi-livenessprobe-fips, cni-plugins-fips, gitlab-logger,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: terraform-provider-google, k3s, rootlesskit, vertical-pod-autoscaler-fips, stern, temporal-server, helm, mc-fips, caddy-fips, kube-oidc-proxy, policy-controller, neuvector-scanner, eks-distro-kubernetes-csi-livenessprobe, esbuild, harbor, tekton-chains-fips,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: terraform-provider-google, k3s, rootlesskit, vertical-pod-autoscaler-fips, stern, temporal-server, helm, mc-fips, caddy-fips, kube-oidc-proxy, policy-controller, neuvector-scanner, eks-distro-kubernetes-csi-livenessprobe, esbuild, harbor, tekton-chains-fips,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, go-bindata, gobuster, kyverno, kube-logging-logging-operator, seldon-core-operator, protoc-gen-go-grpc, ctop, gke-gcloud-auth-plugin, grpcurl, render-template, amass, falco, kubernetes-csi-livenessprobe-fips, cni-plugins-fips, gitlab-logger,...

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, go-bindata, gobuster, kyverno, kube-logging-logging-operator, seldon-core-operator, protoc-gen-go-grpc, ctop, gke-gcloud-auth-plugin, grpcurl, render-template, amass, falco, kubernetes-csi-livenessprobe-fips, cni-plugins-fips, gitlab-logger,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...

5 key MDR differentiators to look for to build stronger security resilience

Organizations looking to address the skills gap and bring greater efficiency as their business grows and their attack surface sprawls are turning to MDR providers at an accelerated pace. We’ve seen predictions from top analyst firms signaling the rapid rate of adoption of an MDR provider by 2025......

CVE-2024-1598

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before...

CVE-2024-0762

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for select Intel platforms This issue affects: Phoenix SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998; Phoenix SecureCore™ for Intel Coffee Lake: from 4.1.0.1 before 4.1.0.562; Phoenix ...

CVE-2024-32985

Stellar-core is a reference implementation for the peer-to-peer agent that manages the Stellar network. Prior to 20.4.0, core nodes could be randomly crashed due to a race condition with a 3rd party library. The likelihood of affecting the network is low since crashed nodes come back up online...

Potential buffer overflow when handling UEFI variables

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before...

Potential buffer overflow when handling UEFI variables

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for select Intel platforms This issue affects: Phoenix SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998; Phoenix SecureCore™ for Intel Coffee Lake: from 4.1.0.1 before 4.1.0.562; Phoenix ...

Intel Arc™ & Iris® Xe Graphics Software May 2024 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Arc™ & Iris® Xe Graphics software which may allow escalation of privilege. Intel is releasing updates to mitigate the potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...

Enhancing Security with AI: Revolutionizing Protection in the Digital Era

In the ever-evolving landscape of cybersecurity, the integration of Artificial Intelligence (AI) and Machine Learning (ML) has emerged as a transformative force. AI, with its ability to mimic human cognition and problem-solving capabilities, combined with ML's capacity to iteratively learn from...

Exploit for CVE-2024-26026

CVE-2024-26026 BIG-IP Next...

Security Bulletin: A vulnerability exists in IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager.

Summary Java on z/OS properties files not read correctly under certain locales / codepages vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2 Vulnerability Details ** IBM X-Force ID: PSIRT-ADV0103951 ...

Rapid7 Recognized in the 2024 Gartner® Magic Quadrant™ for SIEM

Command Your Attack Surface with a next-gen SIEM built for the Cloud First Era Rapid7 is excited to share that we are named a Challenger for InsightIDR in the 2024 Gartner Magic Quadrant for SIEM. In a crowded and constantly changing space, this is our sixth time to be recognized in the report....

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to April 2024 CPU

Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server...

Security Bulletin: Multiple vulnerabilities exists in IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager.

Summary Multiple vulnerabilities exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2. CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945, CVE-2023-33850 Vulnerability Details....

About the security content of iOS 17.5 and iPadOS 17.5

About the security content of iOS 17.5 and iPadOS 17.5 This document describes the security content of iOS 17.5 and iPadOS 17.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches...