CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...
7.8AI Score
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: boring-registry, nfs-subdir-external-provisioner, istio-pilot-agent, kubernetes-csi-driver-hostpath, kpt, prometheus-mongodb-exporter, gitlab-pages, newrelic-nri-kube-events, rclone, pulumi, docker-compose, prometheus-elasticsearch-exporter, istio-operator, influxd,...
7.5AI Score
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: kubernetes-csi-driver-hostpath, kpt, istio-operator, prometheus-statsd-exporter, ghaudit, prometheus-adapter, node-feature-discovery, speedtest-go, kubernetes-csi-external-provisioner, cni-plugins, kor, nri-nginx, helm-operator, gitlab-logger, k8ssandra-operator,...
6.8AI Score
CVE-2024-24789 vulnerabilities
Vulnerabilities for packages: wolfictl, kubernetes-csi-driver-hostpath, kpt, istio-operator, prometheus-statsd-exporter, ghaudit, hey, prometheus-adapter, node-feature-discovery, speedtest-go, kubernetes-csi-external-provisioner, nvidia-container-toolkit, teleport, cni-plugins, nri-nginx,...
7.2AI Score
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: sbom-scorecard, aws-flb-cloudwatch, slsa-verifier, gobuster, cilium-envoy, configmap-reload, go-licenses, grpcurl, render-template, smarter-device-manager, sops, docker-cli, local-path-provisioner, amass, kubernetes-dashboard-metrics-scraper, goreleaser, oras,...
7.5CVSS
7.9AI Score
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: boring-registry, nfs-subdir-external-provisioner, istio-pilot-agent, kubernetes-csi-driver-hostpath, kpt, prometheus-mongodb-exporter, gitlab-pages, newrelic-nri-kube-events, rclone, pulumi, docker-compose, prometheus-elasticsearch-exporter, istio-operator, influxd,...
6.6AI Score
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...
7.8AI Score
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...
7.5AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: kubernetes-csi-driver-hostpath, kpt, istio-operator, prometheus-statsd-exporter, ghaudit, prometheus-adapter, node-feature-discovery, speedtest-go, kubernetes-csi-external-provisioner, cni-plugins, kor, nri-nginx, helm-operator, gitlab-logger, k8ssandra-operator,...
7.5AI Score
CVE-2024-24790 vulnerabilities
Vulnerabilities for packages: wolfictl, kubernetes-csi-driver-hostpath, kpt, istio-operator, prometheus-statsd-exporter, ghaudit, hey, prometheus-adapter, node-feature-discovery, speedtest-go, kubernetes-csi-external-provisioner, nvidia-container-toolkit, teleport, cni-plugins, nri-nginx,...
7.2AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...
7.5AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...
7.5AI Score
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...
7.5AI Score
CVE-2023-39326 vulnerabilities
Vulnerabilities for packages: sbom-scorecard, aws-flb-cloudwatch, slsa-verifier, gobuster, cilium-envoy, configmap-reload, go-licenses, grpcurl, render-template, smarter-device-manager, sops, docker-cli, local-path-provisioner, amass, kubernetes-dashboard-metrics-scraper, goreleaser, oras,...
5.3CVSS
7.2AI Score
GHSA-49GW-VXVF-FC2G vulnerabilities
Vulnerabilities for packages: wolfictl, kubernetes-csi-driver-hostpath, kpt, istio-operator, prometheus-statsd-exporter, ghaudit, hey, prometheus-adapter, node-feature-discovery, speedtest-go, kubernetes-csi-external-provisioner, nvidia-container-toolkit, teleport, cni-plugins, nri-nginx,...
GHSA-5F94-VHJQ-RPG8 vulnerabilities
Vulnerabilities for packages: sbom-scorecard, aws-flb-cloudwatch, slsa-verifier, gobuster, cilium-envoy, configmap-reload, go-licenses, grpcurl, render-template, smarter-device-manager, sops, docker-cli, local-path-provisioner, amass, kubernetes-dashboard-metrics-scraper, goreleaser, oras,...
7.5AI Score
GHSA-9F76-WG39-X86H vulnerabilities
Vulnerabilities for packages: sbom-scorecard, aws-flb-cloudwatch, slsa-verifier, gobuster, cilium-envoy, configmap-reload, go-licenses, grpcurl, render-template, smarter-device-manager, sops, docker-cli, local-path-provisioner, amass, kubernetes-dashboard-metrics-scraper, goreleaser, oras,...
7.5AI Score
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...
7.8AI Score
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...
7.8AI Score
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...
7.5AI Score
GHSA-236W-P7WF-5PH8 vulnerabilities
Vulnerabilities for packages: wolfictl, kubernetes-csi-driver-hostpath, kpt, istio-operator, prometheus-statsd-exporter, ghaudit, hey, prometheus-adapter, node-feature-discovery, speedtest-go, kubernetes-csi-external-provisioner, nvidia-container-toolkit, teleport, cni-plugins, nri-nginx,...
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...
7.8AI Score
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a...
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a...
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a...
CVE-2024-36969 drm/amd/display: Fix division by zero in setup_dsc_config
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a...
dubious disk - the porygon-z that's super effective against...
Summary IBM Workload Automation is potentially affected by multiple vulnerabilities in OpenSSL that could cause Denial of Service (CVE-2023-4807, CVE-2023-3817) Vulnerability Details ** CVEID: CVE-2023-4807 DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a state corruption...
7.8CVSS
9.5AI Score
Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the...
7.6CVSS
7.5AI Score
Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the...
7.6CVSS
Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the...
7.6CVSS
Fedora: Security Advisory for rust-sevctl (FEDORA-2024-40ee18b2e7)
The remote host is missing an update for...
The Jupyter Server provides the backend for Jupyter web applications. Jupyter Server on Windows has a vulnerability that lets unauthenticated attackers leak the NTLMv2 password hash of the Windows user running the Jupyter server. An attacker can crack this password to gain access to the Windows...
7.5CVSS
Fedora: Security Advisory for rust-snphost (FEDORA-2024-40ee18b2e7)
The remote host is missing an update for...
Jupyter server on Windows discloses Windows user password hash
Summary Jupyter Server on Windows has a vulnerability that lets unauthenticated attackers leak the NTLMv2 password hash of the Windows user running the Jupyter server. An attacker can crack this password to gain access to the Windows machine hosting the Jupyter server, or access other...
7.5CVSS
7.8AI Score
Jupyter server on Windows discloses Windows user password hash
Summary Jupyter Server on Windows has a vulnerability that lets unauthenticated attackers leak the NTLMv2 password hash of the Windows user running the Jupyter server. An attacker can crack this password to gain access to the Windows machine hosting the Jupyter server, or access other...
7.5CVSS
7.9AI Score
The Jupyter Server provides the backend for Jupyter web applications. Jupyter Server on Windows has a vulnerability that lets unauthenticated attackers leak the NTLMv2 password hash of the Windows user running the Jupyter server. An attacker can crack this password to gain access to the Windows...
7.5CVSS
7.8AI Score
The Jupyter Server provides the backend for Jupyter web applications. Jupyter Server on Windows has a vulnerability that lets unauthenticated attackers leak the NTLMv2 password hash of the Windows user running the Jupyter server. An attacker can crack this password to gain access to the Windows...
7.5CVSS
The Jupyter Server provides the backend for Jupyter web applications. Jupyter Server on Windows has a vulnerability that lets unauthenticated attackers leak the NTLMv2 password hash of the Windows user running the Jupyter server. An attacker can crack this password to gain access to the Windows...
7.5CVSS
The Jupyter Server provides the backend for Jupyter web applications. Jupyter Server on Windows has a vulnerability that lets unauthenticated attackers leak the NTLMv2 password hash of the Windows user running the Jupyter server. An attacker can crack this password to gain access to the Windows...
7.5CVSS
7.8AI Score
The Jupyter Server provides the backend for Jupyter web applications. Jupyter Server on Windows has a vulnerability that lets unauthenticated attackers leak the NTLMv2 password hash of the Windows user running the Jupyter server. An attacker can crack this password to gain access to the Windows...
7.5CVSS
7.7AI Score
CVE-2024-35178 Jupyter server on Windows discloses Windows user password hash
The Jupyter Server provides the backend for Jupyter web applications. Jupyter Server on Windows has a vulnerability that lets unauthenticated attackers leak the NTLMv2 password hash of the Windows user running the Jupyter server. An attacker can crack this password to gain access to the Windows...
7.5CVSS
kernel security and bug fix update
[5.14.0-427.20.1_4.OL9] Disable UKI signing [Orabug: 36571828] Update Oracle Linux certificates (Kevin Lyons) Disable signing for aarch64 (Ilya Okomin) Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] Update x509.genkey...
7.4AI Score
Security Bulletin: NVIDIA GPU Display Driver - June 2024
NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin. To protect your system, download and install this software update through the NVIDIA Driver Downloads page or, for the vGPU software and Cloud Gaming updates,...
By-passing Protection of PharStreamWrapper Interceptor
Insecure deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application. In July 2018, the vulnerability of insecure deserialization when executing Phar archives was addressed by removing the known attack vector in the TYPO3 core. For more details.....
7.5AI Score
By-passing Protection of PharStreamWrapper Interceptor
Insecure deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application. In July 2018, the vulnerability of insecure deserialization when executing Phar archives was addressed by removing the known attack vector in the TYPO3 core. For more details.....
7.5AI Score
Financial sextortion scams on the rise
“Hey there!” messaged Savannah, someone 16-year-old Charlie had never met before, but looked cute in her profile picture. She had long blonde hair, blue eyes, and an adorable smile, so he decided to DM with her on Instagram. Soon their flirty exchanges grew heated, and Savannah was sending Charlie....
6.8AI Score
Securing AI Development in the Cloud: Navigating the Risks and Opportunities
AI-TRiSM - Trust, Risk and Security Management in the Age of AI Co-authored by Lara Sunday and Pojan Shahrivar As artificial intelligence (AI) and machine learning (ML) technologies continue to advance and proliferate, organizations across industries are investing heavily in these transformative...
7.4AI Score
Unable to generate the correct character set
Reduced entropy due to inadequate character set usage Description Affected versions of the nano-id crate incorrectly generated IDs using a reduced character set in the nano_id::base62 and nano_id::base58 functions. Specifically, the base62 function used a character set of 32 symbols instead of the....
9.4CVSS
6.5AI Score
Unable to generate the correct character set
Reduced entropy due to inadequate character set usage Description Affected versions of the nano-id crate incorrectly generated IDs using a reduced character set in the nano_id::base62 and nano_id::base58 functions. Specifically, the base62 function used a character set of 32 symbols instead of the....
9.4CVSS
6.5AI Score