PTC Creo Elements/Direct License Server exposes a web interface which can be used by unauthenticated remote attackers to execute arbitrary OS commands on the...
CVSS: 10
AI Score: 8
EPSS
In the Linux kernel before 4.8, usb_parse_endpoint in drivers/usb/core/config.c does not validate the wMaxPacketSize field of an endpoint descriptor. NOTE: This vulnerability only affects products that are no longer supported by the...
EPSS
PTC Creo Elements/Direct License Server exposes a web interface which can be used by unauthenticated remote attackers to execute arbitrary OS commands on the...
CVSS: 10
EPSS
CVE-2024-6071 PTC Creo Elements/Direct License Server Missing Authorization
PTC Creo Elements/Direct License Server exposes a web interface which can be used by unauthenticated remote attackers to execute arbitrary OS commands on the...
CVSS: 10
EPSS
CPython 3.9 and earlier doesn't disallow configuring an empty list ("[]") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used (see CVE-2024-5535 for OpenSSL). This vulnerability is of low severity due to...
AI Score: 6.9
EPSS
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the shadowing component of the Endpoint Protector and Unify agent which allows an attacker with administrative access to the Endpoint Protector or Unify server to...
AI Score: 8.1
EPSS
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the logging component of the Endpoint Protector and Unify server application which allows an unauthenticated remote attacker to send a malicious request, resulting in...
AI Score: 8.4
EPSS
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the logging component of the Endpoint Protector and Unify server application which allows an unauthenticated remote attacker to send a malicious request, resulting in...
EPSS
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the shadowing component of the Endpoint Protector and Unify agent which allows an attacker with administrative access to the Endpoint Protector or Unify server to...
EPSS
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network-based attacker to bypass authentication and take full control of the device. Only routers or conductors that are running in....
CVSS: 10
AI Score: 7.2
EPSS
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the Endpoint Protector and Unify agent in the way that the EasyLock dependency is acquired from the server. An attacker with administrative access to the Endpoint...
EPSS
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network-based attacker to bypass authentication and take full control of the device. Only routers or conductors that are running in....
CVSS: 10
EPSS
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the Endpoint Protector and Unify agent in the way that the EasyLock dependency is acquired from the server. An attacker with administrative access to the Endpoint...
AI Score: 8.1
EPSS
VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information vulnerability. A malicious actor with adjacent access to web/proxy server logging may be able to obtain sensitive information from URLs that are...
CVSS: 5.3
EPSS
VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information vulnerability. A malicious actor with adjacent access to web/proxy server logging may be able to obtain sensitive information from URLs that are...
CVSS: 5.3
AI Score: 6.4
EPSS
GHSA-95PR-FXF5-86GV vulnerabilities
Vulnerabilities for packages: skaffold, zarf, spire-server, falcoctl, vexctl, wolfictl, zot, neuvector-sigstore-interface, apko, policy-controller, kubescape, ko, gitsign, goreleaser, slsa-verifier, tekton-chains, aactl, melange, falco, tkn,...
AI Score: 7.5
Vulnerabilities for packages: flux, pulumi, zarf, cosign, terraform, spire-server, fulcio, falcoctl, crossplane-provider-azure, flux-notification-controller, kargo, pulumi-kubernetes-operator, vault-csi-provider, snyk-cli, flux-kustomize-controller, vexctl, ksops, skopeo, argo-cd, zot, consul,...
CVSS: 6
AI Score: 6
EPSS: 0.0004
CVE-2024-27304 vulnerabilities
Vulnerabilities for packages: caddy, trillian, keda, kine, telegraf, kots, src, kube-bench, amass, k3s, vault, ferretdb, argo-workflows, spicedb, step-ca,...
CVSS: 9.8
AI Score: 9.7
EPSS: 0.0004
GHSA-MRWW-27VC-GGHV vulnerabilities
Vulnerabilities for packages: caddy, trillian, keda, kine, telegraf, kots, src, kube-bench, amass, k3s, vault, ferretdb, argo-workflows, spicedb, step-ca,...
AI Score: 7.5
CVE-2022-29526 vulnerabilities
Vulnerabilities for packages: kind, ctop, grpcurl, dynamic-localpv-provisioner,...
CVSS: 5.3
AI Score: 9.3
EPSS: 0.002
CVE-2024-21506 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, py3-pymongo,...
AI Score: 6.7
EPSS: 0.0004
CVE-2024-28219 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, py3-pillow,...
CVSS: 6.7
AI Score: 7
EPSS: 0.0004
CVE-2022-4123 affecting package podman 4.1.1-21
CVE-2022-4123 affecting package podman 4.1.1-21. No patch is available...
CVSS: 3.3
AI Score: 4.3
EPSS: 0.0004
CVE-2022-42969 affecting package python-py 1.10.0-3
CVE-2022-42969 affecting package python-py 1.10.0-3. No patch is available...
CVSS: 7.5
AI Score: 7.7
EPSS: 0.007
CVE-2022-2929 affecting package dhcp 4.4.3-3
CVE-2022-2929 affecting package dhcp 4.4.3-3. This CVE either no longer is or was never...
CVSS: 6.5
AI Score: 7.2
EPSS: 0.001
CVE-2022-31629 affecting package php 7.4.14-3
CVE-2022-31629 affecting package php 7.4.14-3. This CVE either no longer is or was never...
CVSS: 6.5
AI Score: 9.9
EPSS: 0.006
CVE-2022-38752 affecting package snakeyaml 1.25-2
CVE-2022-38752 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...
CVSS: 6.5
AI Score: 9
EPSS: 0.003
CVE-2022-36069 affecting package poetry 1.0.10-2
CVE-2022-36069 affecting package poetry 1.0.10-2. No patch is available...
CVSS: 7.3
AI Score: 7.3
EPSS: 0.001
CVE-2022-1615 affecting package samba 4.12.5-6
CVE-2022-1615 affecting package samba 4.12.5-6. No patch is available...
CVSS: 5.5
AI Score: 5.9
EPSS: 0.001