The Floating Social Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the floating_social_buttons_option() function. This makes it possible for unauthenticated attackers to...
6.1CVSS
EPSS
The Floating Social Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the floating_social_buttons_option() function. This makes it possible for unauthenticated attackers to...
6.1CVSS
6AI Score
EPSS
CVE-2024-6405 Floating Social Buttons <= 1.5 - Cross-Site Request Forgery
The Floating Social Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the floating_social_buttons_option() function. This makes it possible for unauthenticated attackers to...
6.1CVSS
EPSS
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length...
EPSS
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length...
6.9AI Score
EPSS
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the...
EPSS
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the...
6.6AI Score
EPSS
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the...
6.8AI Score
EPSS
CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5
CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5. This CVE either no longer is or was never...
7.5CVSS
7AI Score
0.001EPSS
CVE-1999-0817 affecting package lynx 2.9.0~dev.9-5
CVE-1999-0817 affecting package lynx 2.9.0~dev.9-5. This CVE either no longer is or was never...
7.2AI Score
0.007EPSS
CVE-2010-4226 affecting package cpio 2.13-5
CVE-2010-4226 affecting package cpio 2.13-5. This CVE either no longer is or was never...
6.8AI Score
0.003EPSS
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: aws-flb-firehose, configmap-reload, nuclei, k8sgpt, dagger, flannel-cni-plugin, secrets-store-csi-driver-provider-gcp, velero, temporal-ui-server, kaf, wireguard-go, wazero, k8ssandra-operator, aws-ebs-csi-driver, nri-discovery-kubernetes, nri-couchbase,...
7.8AI Score
0.0004EPSS
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: configmap-reload, nuclei, k8sgpt, dagger, secrets-store-csi-driver-provider-gcp, velero, temporal-ui-server, kaf, k8ssandra-operator, aws-ebs-csi-driver, nri-discovery-kubernetes, guac, capslock, kaniko, sops, temporal, filebeat, kubernetes-dns-node-cache,...
7.5AI Score
GHSA-VVPX-J8F3-3W6H vulnerabilities
Vulnerabilities for packages: k3d, dynamic-localpv-provisioner, hey, wireguard-go, go, restic, falco, grpcurl,...
7.5AI Score
CVE-2024-21626 vulnerabilities
Vulnerabilities for packages: kubernetes, trivy, skopeo, skaffold, ingress-nginx-controller, kots, k3d, kaniko, newrelic-infrastructure-agent, wolfictl, ctop, telegraf, k3s, nvidia-device-plugin, cadvisor, syft, runc, buildkitd, grype, zarf, nerdctl, docker, k9s, kubescape, zot,...
8.6CVSS
9.2AI Score
0.051EPSS
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: secrets-store-csi-driver-provider-gcp, kaf, wireguard-go, git-lfs, oauth2-proxy, grpcurl, spark-operator, pulumi-language-java, flux-source-controller, kubeflow-katib, dotnet, weaviate, atlantis, gitlab-runner, kind, buildkitd, keda, cert-manager,...
7.5CVSS
9AI Score
0.732EPSS
CVE-2023-3817 affecting package rust for versions less than 1.68.2-5
CVE-2023-3817 affecting package rust for versions less than 1.68.2-5. A patched version of the package is...
5.3CVSS
6.3AI Score
0.002EPSS
CVE-2023-25761 affecting package junit 4.13-5
CVE-2023-25761 affecting package junit 4.13-5. No patch is available...
5.4CVSS
7.5AI Score
0.001EPSS
CVE-2024-24787 vulnerabilities
Vulnerabilities for packages: configmap-reload, k8sgpt, secrets-store-csi-driver-provider-gcp, kaf, ksops, wireguard-go, go, neuvector-scanner, aws-ebs-csi-driver, guac, http-echo, capslock, git-lfs, grafana-rollout-operator, gobump, sops, kubernetes-dns-node-cache, kubeadm-bootstrap-controller,...
6.5AI Score
0.0004EPSS
GHSA-5FQ7-4MXC-535H vulnerabilities
Vulnerabilities for packages: configmap-reload, k8sgpt, secrets-store-csi-driver-provider-gcp, kaf, ksops, wireguard-go, go, neuvector-scanner, aws-ebs-csi-driver, guac, http-echo, capslock, git-lfs, grafana-rollout-operator, gobump, sops, kubernetes-dns-node-cache, kubeadm-bootstrap-controller,...
7.5AI Score
CVE-2024-24789 vulnerabilities
Vulnerabilities for packages: configmap-reload, k8sgpt, dagger, k8ssandra-operator, nri-cassandra, http-echo, gobump, aws-load-balancer-controller, grpcurl, logstash, protoc-gen-go, postgres-operator, neuvector-sigstore-interface, flannel, velero-plugin-for-csi, speedtest-go,...
5.5CVSS
6.1AI Score
0.0004EPSS
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: aws-flb-firehose, oras, configmap-reload, nsc, vertical-pod-autoscaler, flannel-cni-plugin, prometheus-stackdriver-exporter, sbom-scorecard, influx, dgraph, protoc-gen-go-grpc, nri-discovery-kubernetes, kubernetes-dashboard-metrics-scraper, hey, go-bindata,...
7.5CVSS
7.9AI Score
0.001EPSS
CVE-2022-41723 vulnerabilities
Vulnerabilities for packages: k3d, dynamic-localpv-provisioner, hey, wireguard-go, go, restic, falco, grpcurl,...
7.5CVSS
8.4AI Score
0.024EPSS
CVE-2023-22466 affecting package netavark 1.0.3-5
CVE-2023-22466 affecting package netavark 1.0.3-5. This CVE either no longer is or was never...
5.4CVSS
5.9AI Score
0.001EPSS
CVE-2022-34176 affecting package junit 4.13-5
CVE-2022-34176 affecting package junit 4.13-5. No patch is available...
5.4CVSS
5.9AI Score
0.001EPSS
CVE-2022-28506 affecting package giflib 5.2.1-5
CVE-2022-28506 affecting package giflib 5.2.1-5. This CVE either no longer is or was never...
5.5CVSS
7.5AI Score
0.001EPSS
CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5
CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5. No patch is available...
7.5CVSS
7.8AI Score
0.003EPSS
CVE-2020-8908 affecting package guava 25.0-5
CVE-2020-8908 affecting package guava 25.0-5. This CVE either no longer is or was never...
3.3CVSS
6.7AI Score
0.001EPSS
CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5
CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5. No patch is available...
7.5CVSS
7.8AI Score
0.003EPSS
Vulnerabilities for packages: k8sgpt, secrets-store-csi-driver-provider-gcp, kaf, wireguard-go, aws-ebs-csi-driver, git-lfs, apko, oauth2-proxy, aws-load-balancer-controller, grpcurl, spark-operator, pulumi-language-java, flux-source-controller, kubeflow-katib, prometheus-mongodb-exporter,...
6.1CVSS
7.3AI Score
0.001EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: configmap-reload, nuclei, k8sgpt, dagger, secrets-store-csi-driver-provider-gcp, velero, temporal-ui-server, kaf, k8ssandra-operator, aws-ebs-csi-driver, nri-discovery-kubernetes, guac, capslock, kaniko, sops, temporal, filebeat, kubernetes-dns-node-cache,...
6.6AI Score
0.0004EPSS
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: aws-flb-firehose, configmap-reload, nuclei, k8sgpt, dagger, flannel-cni-plugin, secrets-store-csi-driver-provider-gcp, velero, temporal-ui-server, kaf, wireguard-go, wazero, k8ssandra-operator, aws-ebs-csi-driver, nri-discovery-kubernetes, nri-couchbase,...
7.8AI Score
0.0004EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: aws-flb-firehose, configmap-reload, nuclei, k8sgpt, dagger, flannel-cni-plugin, secrets-store-csi-driver-provider-gcp, velero, temporal-ui-server, kaf, wireguard-go, wazero, k8ssandra-operator, aws-ebs-csi-driver, nri-discovery-kubernetes, nri-couchbase,...
7.5AI Score
GHSA-M5VV-6R4H-3VJ9 vulnerabilities
Vulnerabilities for packages: boring-registry, sqlpad, trivy, nuclei, k8sgpt, rclone, step-ca, velero, ksops, harbor-registry, prometheus, timestamp-authority, guac, policy-controller, tempo, rook, cortex, sops, teleport, fluent-bit-plugin-loki, flux-image-reflector-controller, filebeat, kyverno,.....
7.5AI Score
CVE-2024-27304 affecting package telegraf for versions less than 1.28.5-5
CVE-2024-27304 affecting package telegraf for versions less than 1.28.5-5. A patched version of the package is...
9.8CVSS
9.6AI Score
0.0004EPSS
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: configmap-reload, nuclei, k8sgpt, k8ssandra-operator, nri-cassandra, http-echo, gobump, tigera-operator, aws-network-policy-agent, aws-load-balancer-controller, grpcurl, protoc-gen-go, postgres-operator, neuvector-sigstore-interface, flannel, velero-plugin-for-csi,...
6.8AI Score
0.0004EPSS
CVE-2024-35255 vulnerabilities
Vulnerabilities for packages: boring-registry, sqlpad, trivy, nuclei, k8sgpt, rclone, step-ca, velero, ksops, harbor-registry, prometheus, timestamp-authority, guac, policy-controller, tempo, rook, cortex, sops, teleport, fluent-bit-plugin-loki, flux-image-reflector-controller, filebeat, kyverno,.....
5.5CVSS
6AI Score
0.0004EPSS
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: aws-flb-firehose, configmap-reload, nuclei, k8sgpt, dagger, flannel-cni-plugin, secrets-store-csi-driver-provider-gcp, velero, temporal-ui-server, kaf, wireguard-go, wazero, k8ssandra-operator, aws-ebs-csi-driver, nri-discovery-kubernetes, nri-couchbase,...
7.5AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: aws-flb-firehose, configmap-reload, nuclei, k8sgpt, dagger, flannel-cni-plugin, secrets-store-csi-driver-provider-gcp, velero, temporal-ui-server, kaf, wireguard-go, wazero, k8ssandra-operator, aws-ebs-csi-driver, nri-discovery-kubernetes, nri-couchbase,...
7.5AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: aws-flb-firehose, configmap-reload, nuclei, k8sgpt, dagger, flannel-cni-plugin, secrets-store-csi-driver-provider-gcp, velero, temporal-ui-server, kaf, wireguard-go, wazero, k8ssandra-operator, aws-ebs-csi-driver, nri-discovery-kubernetes, nri-couchbase,...
7.5AI Score
CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5
CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...
7.5CVSS
7.8AI Score
0.732EPSS
GHSA-2JWV-JMQ4-4J3R vulnerabilities
Vulnerabilities for packages: configmap-reload, k8sgpt, secrets-store-csi-driver-provider-gcp, kaf, ksops, wireguard-go, go, neuvector-scanner, aws-ebs-csi-driver, guac, http-echo, capslock, git-lfs, grafana-rollout-operator, gobump, sops, kubernetes-dns-node-cache, kubeadm-bootstrap-controller,...
7.5AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: configmap-reload, nuclei, k8sgpt, k8ssandra-operator, nri-cassandra, http-echo, gobump, tigera-operator, aws-network-policy-agent, aws-load-balancer-controller, grpcurl, protoc-gen-go, postgres-operator, neuvector-sigstore-interface, flannel, velero-plugin-for-csi,...
7.5AI Score
CVE-2024-24790 vulnerabilities
Vulnerabilities for packages: configmap-reload, k8sgpt, dagger, k8ssandra-operator, nri-cassandra, http-echo, gobump, aws-load-balancer-controller, grpcurl, logstash, protoc-gen-go, postgres-operator, neuvector-sigstore-interface, flannel, velero-plugin-for-csi, speedtest-go,...
9.8CVSS
9.8AI Score
0.001EPSS
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: k8sgpt, secrets-store-csi-driver-provider-gcp, kaf, wireguard-go, go, aws-ebs-csi-driver, git-lfs, apko, kubernetes-dns-node-cache, oauth2-proxy, istio-pilot-agent, aws-load-balancer-controller, grpcurl, istio-cni, spark-operator, pulumi-language-java,...
7.5CVSS
8.4AI Score
0.002EPSS
GHSA-49GW-VXVF-FC2G vulnerabilities
Vulnerabilities for packages: configmap-reload, k8sgpt, dagger, k8ssandra-operator, nri-cassandra, http-echo, gobump, aws-load-balancer-controller, grpcurl, logstash, protoc-gen-go, postgres-operator, neuvector-sigstore-interface, flannel, velero-plugin-for-csi, speedtest-go,...
7.5AI Score
CVE-2023-39326 vulnerabilities
Vulnerabilities for packages: aws-flb-firehose, oras, configmap-reload, nsc, vertical-pod-autoscaler, flannel-cni-plugin, prometheus-stackdriver-exporter, sbom-scorecard, influx, dgraph, protoc-gen-go-grpc, nri-discovery-kubernetes, kubernetes-dashboard-metrics-scraper, hey, go-bindata,...
5.3CVSS
7.2AI Score
0.001EPSS
GHSA-5F94-VHJQ-RPG8 vulnerabilities
Vulnerabilities for packages: aws-flb-firehose, oras, configmap-reload, nsc, vertical-pod-autoscaler, flannel-cni-plugin, prometheus-stackdriver-exporter, sbom-scorecard, influx, dgraph, protoc-gen-go-grpc, nri-discovery-kubernetes, kubernetes-dashboard-metrics-scraper, hey, go-bindata,...
7.5AI Score
GHSA-2WRH-6PVC-2JM9 vulnerabilities
Vulnerabilities for packages: k8sgpt, secrets-store-csi-driver-provider-gcp, kaf, wireguard-go, aws-ebs-csi-driver, git-lfs, apko, oauth2-proxy, aws-load-balancer-controller, grpcurl, spark-operator, pulumi-language-java, flux-source-controller, kubeflow-katib, prometheus-mongodb-exporter,...
7.5AI Score
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: k8sgpt, secrets-store-csi-driver-provider-gcp, kaf, wireguard-go, go, aws-ebs-csi-driver, git-lfs, apko, kubernetes-dns-node-cache, oauth2-proxy, istio-pilot-agent, aws-load-balancer-controller, grpcurl, istio-cni, spark-operator, pulumi-language-java,...
7.5AI Score