Album And Image Gallery With Lightbox – Flagallery Photo Portfolio Security Vulnerabilities

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, kubeflow-pipelines, azure-aad-pod-identity-mic, http-echo, gatekeeper, nfs-subdir-external-provisioner,...

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: oauth2-proxy, chartmuseum, prometheus-mongodb-exporter-fips, cosign, dynamic-localpv-provisioner-fips, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, istio-pilot-agent, kube-oidc-proxy, pulumi-language-dotnet, azure-aad-pod-identity-mic, up,...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: oauth2-proxy, cosign, dynamic-localpv-provisioner-fips, wireguard-go, aws-efs-csi-driver-fips, istio-envoy, kube-oidc-proxy, pulumi-language-dotnet, up, dgraph, prometheus-postgres-exporter, gatekeeper, prometheus-elasticsearch-exporter, coredns, opentofu, aactl,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, kubeflow-pipelines, azure-aad-pod-identity-mic, http-echo, gatekeeper, nfs-subdir-external-provisioner,...

GHSA-6WRF-MXFJ-PF5P vulnerabilities

Vulnerabilities for packages: bom, melange, flux-image-reflector-controller, flux-helm-controller-0.37, ctop, helm, apko, ko,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: chartmuseum, prometheus-mongodb-exporter-fips, aws-efs-csi-driver-fips, cert-manager-fips, rekor, kubeflow-pipelines, pulumi-language-dotnet, azure-aad-pod-identity-mic, gatekeeper, nfs-subdir-external-provisioner, flux-notification-controller-2.0,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, kubeflow-pipelines, azure-aad-pod-identity-mic, http-echo, gatekeeper, nfs-subdir-external-provisioner,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, kubeflow-pipelines, azure-aad-pod-identity-mic, http-echo, gatekeeper, nfs-subdir-external-provisioner,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, kubeflow-pipelines, azure-aad-pod-identity-mic, http-echo, gatekeeper, nfs-subdir-external-provisioner,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, gobump, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, rekor, kubeflow-pipelines, pulumi-language-dotnet, azure-aad-pod-identity-mic, http-echo, gatekeeper,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, gobump, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, rekor, kubeflow-pipelines, pulumi-language-dotnet, azure-aad-pod-identity-mic, http-echo, gatekeeper,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, kubeflow-pipelines, azure-aad-pod-identity-mic, http-echo, gatekeeper, nfs-subdir-external-provisioner,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, kubeflow-pipelines, azure-aad-pod-identity-mic, http-echo, gatekeeper, nfs-subdir-external-provisioner,...

CVE-2023-28842 vulnerabilities

Vulnerabilities for packages: bom, melange, flux-image-reflector-controller, flux-helm-controller-0.37, ctop, helm, apko, ko,...

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: hello-world-golang, gobump, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, rekor, pulumi-language-dotnet, azure-aad-pod-identity-mic, http-echo, kube-webhook-certgen-fips,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, kubeflow-pipelines, azure-aad-pod-identity-mic, http-echo, gatekeeper, nfs-subdir-external-provisioner,...

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: hello-world-golang, gobump, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, rekor, pulumi-language-dotnet, azure-aad-pod-identity-mic, http-echo, kube-webhook-certgen-fips,...

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: hello-world-golang, gobump, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, rekor, pulumi-language-dotnet, azure-aad-pod-identity-mic, http-echo, kube-webhook-certgen-fips,...

GHSA-XW73-RW38-6VJC vulnerabilities

Vulnerabilities for packages: bom, newrelic-infrastructure-agent, k9s, falcoctl, cri-tools, cosign, datadog-agent-fips, loki, timoni, goreleaser, kubevela, scorecard, docker-credential-gcr, cert-manager-fips, istio-pilot-agent, helm-fips, argo-workflows-fips, buildkitd, tekton-chains,...

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: oauth2-proxy, chartmuseum, prometheus-mongodb-exporter-fips, cosign, dynamic-localpv-provisioner-fips, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, istio-pilot-agent, kube-oidc-proxy, pulumi-language-dotnet, azure-aad-pod-identity-mic, up,...

GHSA-45X7-PX36-X8W8 vulnerabilities

Vulnerabilities for packages: boring-registry, oauth2-proxy, istio-cni-fips, sops, kubernetes-event-exporter, go-licenses, prometheus-mongodb-exporter-fips, cosign, dynamic-localpv-provisioner-fips, flux-helm-controller-2.0, wireguard-go, cert-manager-fips, istio-pilot-agent, rekor,...

CVE-2023-48795 vulnerabilities

Vulnerabilities for packages: boring-registry, oauth2-proxy, istio-cni-fips, sops, kubernetes-event-exporter, go-licenses, prometheus-mongodb-exporter-fips, cosign, dynamic-localpv-provisioner-fips, flux-helm-controller-2.0, wireguard-go, cert-manager-fips, istio-pilot-agent, rekor,...

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: oauth2-proxy, chartmuseum, prometheus-mongodb-exporter-fips, cosign, dynamic-localpv-provisioner-fips, wireguard-go, cert-manager-fips, kube-oidc-proxy, pulumi-language-dotnet, azure-aad-pod-identity-mic, vertical-pod-autoscaler, dgraph, prometheus-postgres-exporter,.....

GHSA-JQ35-85CJ-FJ4P vulnerabilities

Vulnerabilities for packages: bom, chartmuseum, loki, scorecard, spire-server-fips, cert-manager-fips, tekton-chains, cert-manager, slsa-verifier, falcoctl-fips, skaffold, paranoia, k3s, up, kpt, k3d, flux-image-reflector-controller, ctop, aactl, prometheus, prometheus-fips, kubescape,...

CVE-2023-28841 vulnerabilities

Vulnerabilities for packages: bom, melange, flux-image-reflector-controller, flux-helm-controller-0.37, ctop, helm, apko, ko,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, kubeflow-pipelines, azure-aad-pod-identity-mic, http-echo, gatekeeper, nfs-subdir-external-provisioner,...

CVE-2024-24557 vulnerabilities

Vulnerabilities for packages: bom, newrelic-infrastructure-agent, k9s, falcoctl, cri-tools, cosign, datadog-agent-fips, loki, timoni, goreleaser, kubevela, scorecard, docker-credential-gcr, cert-manager-fips, istio-pilot-agent, helm-fips, argo-workflows-fips, buildkitd, tekton-chains,...

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: oauth2-proxy, cosign, dynamic-localpv-provisioner-fips, wireguard-go, aws-efs-csi-driver-fips, istio-envoy, kube-oidc-proxy, pulumi-language-dotnet, up, dgraph, prometheus-postgres-exporter, gatekeeper, prometheus-elasticsearch-exporter, coredns, opentofu, aactl,...

GHSA-2WRH-6PVC-2JM9 vulnerabilities

Vulnerabilities for packages: oauth2-proxy, chartmuseum, prometheus-mongodb-exporter-fips, cosign, dynamic-localpv-provisioner-fips, wireguard-go, cert-manager-fips, kube-oidc-proxy, pulumi-language-dotnet, azure-aad-pod-identity-mic, vertical-pod-autoscaler, dgraph, prometheus-postgres-exporter,.....

GHSA-9763-4F94-GFCH vulnerabilities

Vulnerabilities for packages: boring-registry, flux-kustomize-controller, sops, tkn, flux-notification-controller, pulumi-kubernetes-operator, cosign, flux-kustomize-controller-2.0, goreleaser, kubevela, crossplane, terraform-provider-google, scorecard, spire-server-fips, wolfictl,...

CVE-2023-2253 vulnerabilities

Vulnerabilities for packages: bom, flux-image-reflector-controller, flux-helm-controller-0.37, kubernetes-fips, kubernetes-dashboard, aactl, kpt, prometheus,...

GHSA-232P-VWFF-86MP vulnerabilities

Vulnerabilities for packages: bom, melange, flux-image-reflector-controller, flux-helm-controller-0.37, ctop, helm, apko, ko,...

CVE-2024-31879 IBM i denial of service

IBM i 7.2, 7.3, and 7.4 could allow a remote attacker to execute arbitrary code leading to a denial of service of network ports on the system, caused by the deserialization of untrusted data. IBM X-Force ID: ...

simple.scandinav.se Cross Site Scripting vulnerability OBB-3928545

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Exploit for CVE-2024-32002

CVE-2024-32002 RCE PoC Overview This repository contains...

revizorskotijelo.me Cross Site Scripting vulnerability OBB-3928544

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

travelmalaysia.me Cross Site Scripting vulnerability OBB-3928542

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

publications-prairial.fr Cross Site Scripting vulnerability OBB-3928541

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Exploit for CVE-2024-27972

CVE-2024-27972-Poc CVE-2024-27972 WP Fusion Lite <=...

rallies.info Cross Site Scripting vulnerability OBB-3928539

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-3745

MSI Afterburner v4.6.6.16381 Beta 3 is vulnerable to an ACL Bypass vulnerability in the RTCore64.sys driver, which leads to triggering vulnerabilities like CVE-2024-1443 and CVE-2024-1460 from a low privileged...

xfenix.ru Open Redirect vulnerability OBB-3928538

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

neyron.ru Open Redirect vulnerability OBB-3928537

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

planetasp.ru Open Redirect vulnerability OBB-3928536

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

vipbablo.ru Open Redirect vulnerability OBB-3928534

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-3745 MSI Afterburner v4.6.6.16381 Beta 3 - ACL Bypass

MSI Afterburner v4.6.6.16381 Beta 3 is vulnerable to an ACL Bypass vulnerability in the RTCore64.sys driver, which leads to triggering vulnerabilities like CVE-2024-1443 and CVE-2024-1460 from a low privileged...

johner.no Cross Site Scripting vulnerability OBB-3928532

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

russiacompany.ru Open Redirect vulnerability OBB-3928531

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-5088

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_id’ parameter in all versions up to, and including, 3.10.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-5088 Happy Addons for Elementor <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_id’ parameter in all versions up to, and including, 3.10.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...